Middleware for fetching the user information

[abhishek-p-s]

function getUserDataFromReq(req) { return new Promise((resolve, reject) => { jwt.verify(req.cookies.token, jwtSecret, {}, async (err, userData) => { if (err) throw err; resolve(userData); }); }); }

instead of calling this function again and again we can create a middleware and we can add that midleware on each request and there is no need to call this function again and again

Why middleware is better than calling the function repeatedly
❌ Current approach (function call everywhere)

You must call getUserDataFromReq(req) in every route

Easy to forget → security bug

Repeated boilerplate

Poor separation of concerns

✅ Middleware approach (best practice)

JWT verification runs before the controller

Controller receives already-authenticated user

Cleaner, safer, reusable

Scales well as your app grows (especially important for MERN / Nest-style APIs)

[chaudhary-sneha14]

Instead of calling getUserDataFromReq(req) in every route, this should be moved to middleware.

Why middleware is better:

No need to remember to call the function in every route
Prevents security bugs if someone forgets to add it
Removes repeated boilerplate

Keeps auth logic separate from controller logic
Controllers can directly use req.user

example :-

const authMiddleware = (req, res, next) => {
const token = req.cookies?.token;
if (!token) return res.status(401).json({ message: "Unauthorized" });

jwt.verify(token, jwtSecret, {}, (err, userData) => {
if (err) return res.status(401).json({ message: "Invalid token" });
req.user = userData;
next();
});
};