From fb4c03735affb90ccbc36d07d36855b357c72bee Mon Sep 17 00:00:00 2001
From: npmrun <1549469775@qq.com>
Date: Fri, 22 May 2026 16:59:10 +0800
Subject: [PATCH] feat(auth): add auth middleware for request context injection

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
---
 server/middleware/auth.ts | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 server/middleware/auth.ts

diff --git a/server/middleware/auth.ts b/server/middleware/auth.ts
new file mode 100644
index 0000000..3e65aa8
--- /dev/null
+++ b/server/middleware/auth.ts
@@ -0,0 +1,15 @@
+import { verifyAccessToken } from "../service/auth/lib/jwt";
+
+export default defineEventHandler(async (event) => {
+  const accessToken = getHeader(event, "authorization")?.replace("Bearer ", "");
+  if (!accessToken) return;
+
+  const payload = await verifyAccessToken(accessToken);
+  if (payload) {
+    event.context.user = {
+      userId: payload.userId,
+      sessionId: payload.sessionId,
+      role: payload.role,
+    };
+  }
+});
\ No newline at end of file