add changes

backend/middleware/guest.middleware.js

@@ -0,0 +1,83 @@
+const jwt = require('jsonwebtoken');
+const config = require('../config/config');
+const { GuestSession } = require('../models');
+
+/**
+ * Middleware to verify guest session token
+ */
+exports.verifyGuestToken = async (req, res, next) => {
+  try {
+    // Get token from header
+    const guestToken = req.headers['x-guest-token'];
+    
+    if (!guestToken) {
+      return res.status(401).json({
+        success: false,
+        message: 'No guest token provided. X-Guest-Token header is required.'
+      });
+    }
+
+    // Verify token
+    const decoded = jwt.verify(guestToken, config.jwt.secret);
+    
+    // Check if guestId exists in payload
+    if (!decoded.guestId) {
+      return res.status(401).json({
+        success: false,
+        message: 'Invalid guest token. Missing guestId.'
+      });
+    }
+
+    // Verify guest session exists in database
+    const guestSession = await GuestSession.findOne({
+      where: { guestId: decoded.guestId }
+    });
+
+    if (!guestSession) {
+      return res.status(404).json({
+        success: false,
+        message: 'Guest session not found.'
+      });
+    }
+
+    // Check if session is expired
+    if (new Date() > new Date(guestSession.expiresAt)) {
+      return res.status(410).json({
+        success: false,
+        message: 'Guest session has expired. Please start a new session.'
+      });
+    }
+
+    // Check if session was converted to user account
+    if (guestSession.isConverted) {
+      return res.status(410).json({
+        success: false,
+        message: 'Guest session has been converted to a user account. Please login with your credentials.'
+      });
+    }
+
+    // Attach guest session to request
+    req.guestSession = guestSession;
+    req.guestId = decoded.guestId;
+    
+    next();
+  } catch (error) {
+    if (error.name === 'TokenExpiredError') {
+      return res.status(401).json({
+        success: false,
+        message: 'Guest token expired. Please start a new session.'
+      });
+    } else if (error.name === 'JsonWebTokenError') {
+      return res.status(401).json({
+        success: false,
+        message: 'Invalid guest token. Please start a new session.'
+      });
+    } else {
+      return res.status(500).json({
+        success: false,
+        message: 'Error verifying guest token',
+        error: error.message
+      });
+    }
+  }
+};