From 64711bc54a2d0dd86c0009f1cf770182dfc9bc7d Mon Sep 17 00:00:00 2001
From: Verum
Date: Thu, 19 Mar 2026 15:25:55 +0700
Subject: [PATCH] 333332
---
 server.js | 7 +++++++
 src/middleware/auth.js | 22 ++++++++++++++++++++++
 2 files changed, 29 insertions(+)
 create mode 100644 src/middleware/auth.js
diff --git a/server.js b/server.js
index ca1df40..7ba2c54 100644
--- a/server.js
+++ b/server.js
@@ -16,6 +16,13 @@ app.use(cors());
 app.use(express.json());
 app.use(express.static(path.join(__dirname, 'public')));

+function requireAuth(req, res, next) {
+ if (!req.session || !req.session.authenticated) {
+ return res.status(401).json({ error: 'Unauthorized' });
+ }
+ next();
+}
+
 // Session configuration
 app.use(session({
 secret: process.env.SESSION_SECRET || 'default-secret-change-this',
diff --git a/src/middleware/auth.js b/src/middleware/auth.js
new file mode 100644
index 0000000..9c499c9
--- /dev/null
+++ b/src/middleware/auth.js
@@ -0,0 +1,22 @@
+// Authentication middleware
+function requireAuth(req, res, next) {
+ if (!req.session || !req.session.authenticated) {
+ return res.status(401).json({ error: 'Unauthorized' });
+ }
+ next();
+}
+
+// Role-based permissions
+function getRolePermissions(role) {
+ const permissions = {
+ admin: ['read', 'write', 'delete', 'admin'],
+ editor: ['read', 'write'],
+ viewer: ['read']
+ };
+ return permissions[role] || permissions.viewer;
+}
+
+module.exports = {
+ requireAuth,
+ getRolePermissions
+};
\ No newline at end of file
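Review bot: The `requireAuth` added to server.js is an exact copy of the one this same commit exports from src/middleware/auth.js, so the session check now lives in two places that can drift apart; drop the inline copy and use `const { requireAuth } = require('./src/middleware/auth');`. Nothing in this hunk mounts the middleware on a route, so confirm that every protected route actually passes through it and that those routes are registered after `app.use(session(...))`, since `req.session` is undefined before that point. The check is also only as trustworthy as the session signing key, and the context line below it falls back to the literal `'default-secret-change-this'` when `SESSION_SECRET` is unset; failing startup in that case, e.g. `if (!process.env.SESSION_SECRET) throw new Error('SESSION_SECRET is required');`, keeps the gate from resting on a value that is visible in the repository. The `session({...})` call continues outside the hunk.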
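Review bot: `getRolePermissions` in src/middleware/auth.js looks the role up on a plain object literal and falls back to `permissions.viewer`, so an unknown, missing or misspelled role is silently granted `read`, and a role string that matches an inherited property name (such as `constructor`) returns that inherited value instead of a permission array. If the role can ever come from request or stored user data, prefer an own-property check with a deny-by-default result, e.g. `return Object.prototype.hasOwnProperty.call(permissions, role) ? permissions[role] : [];`. Hoisting the table to a frozen module-level constant would also make the policy easier to audit than rebuilding it on every call. A short JSDoc on both exports, stating that `requireAuth` expects the session middleware to have run first, would help callers.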