From 7e3ca7798e9507dac08ab50da214d2e258ed9b36 Mon Sep 17 00:00:00 2001
From: yuetsh <517252939@qq.com>
Date: Tue, 16 Jun 2026 00:15:48 -0600
Subject: [PATCH] feat: add bearerAuth Hono middleware

---
 server/middleware/bearerAuth.ts | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 server/middleware/bearerAuth.ts

diff --git a/server/middleware/bearerAuth.ts b/server/middleware/bearerAuth.ts
new file mode 100644
index 0000000..0540777
--- /dev/null
+++ b/server/middleware/bearerAuth.ts
@@ -0,0 +1,21 @@
+import type { MiddlewareHandler } from 'hono'
+import { verifyAccessToken } from '../auth'
+
+export type AuthVariables = { userId: string; role: string }
+
+export function bearerAuth(secret: string): MiddlewareHandler<{ Variables: AuthVariables }> {
+  return async (c, next) => {
+    const auth = c.req.header('Authorization')
+    if (!auth?.startsWith('Bearer ')) {
+      return c.json({ error: '未授权' }, 401)
+    }
+    const token = auth.slice(7)
+    const payload = await verifyAccessToken(token, secret)
+    if (!payload) {
+      return c.json({ error: '未授权' }, 401)
+    }
+    c.set('userId', payload.userId)
+    c.set('role', payload.role)
+    await next()
+  }
+}