Comments (7)
I have this simple auth middleware, just for my needs.
You can make multiple auth middleware for admin check, role check, etc.
import { Middleware, UnauthorizedError } from "routing-controllers";
import * as express from "express";
/**
* Authorization middleware for express framework with routing-controllers.
* Prevent access of not logged user to the routes guarded by this middleware.
*/
@Middleware()
export class AuthorizationMiddleware {
/**
* Checks if there is a session in request with atached user.
* If is, calls next middleware in chain, otherwise throws UnauthorizedError.
*
* @param {express.Request} req The Express request object
* @param {express.Response} _res The Express response object (not used)
* @param {express.NextFunction} [next] The next Express middleware function to call after (optional)
*/
public use(req: express.Request, _res: express.Response, next?: express.NextFunction) {
if (!req.session || !req.session.user || !req.session.user.id) {
throw new UnauthorizedError("Access denied, you have to login first!");
}
if (next) {
next();
}
}
}
from routing-controllers.
It is supported now in 0.7.0
from routing-controllers.
I want the same requirement as above.
I want to use authentication for each router using passport and and json web token. In pure express routes its very easy to implement. But currently i am using this module for routing So could you please explain how to add passport and jwt authentication routers using thus module.
from routing-controllers.
I'd like this feature too.
I wish the method to look like @authenticated(role : string).
This way I can use the same decorator throughout the application in different scenarios.
I saw a simple implementation for this middleware here, the only problem is that I'm not sure how to create the middleware from the decorator.
Thanks
from routing-controllers.
@Authorized
in all cases will have a different logic. This decorators needs a good proposal how it should be designed and work with different use cases on each client.
from routing-controllers.
It may help you:
import {Middleware, MiddlewareInterface} from "routing-controllers";
import {Forbidden} from "../lib/HttpStatus";
@Middleware()
export class RequireAuth implements MiddlewareInterface {
use(request: any, response: any, next?: (err?: any) => any): any {
if(request.session.auth) {
return next();
}
throw new Forbidden();
}
}
Instead of @Authorized
you need to add this to your class/controller:
@UseBefore(RequireAuth)
export class UsersController {
// ...
}
from routing-controllers.
This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
from routing-controllers.
Related Issues (20)
- Render twig template with models of data retrieved from the database HOT 9
- question: call constructor() of controllers before they receive a request HOT 3
- question: set timeout for a specific route HOT 3
- @HttpCode doesnt return the correct Status code HOT 3
- fix: Breaking Change in 0.10.0, @koa/router and trailing slash HOT 2
- use base class and inheriting twice is broken HOT 5
- fix: @ValidateNested not working HOT 2
- question: how to auto-transform body instance to plain in routing-controllers HOT 5
- fix: Wrong logic for render decorator
- fix: global middlewares (re)registered each time useExpressServer is called HOT 3
- question: @Param not type casted HOT 21
- question: building the code looks for Koa, while I'm only using Express HOT 8
- fix: class-validator does not work on last version of RC HOT 9
- fix: <Injected Response object is undefined> HOT 1
- question: @Get path with literal and variable HOT 3
- feature: <how make sub folder controllers> how make sub folder controllers HOT 2
- fix: jsdoc for Put http method, it mentions POST http method
- fix: TypeDI do not inject service HOT 1
- Annotate return type of `createExpressServer` with more narrow type HOT 1
- `cors: true` causes "Cannot set headers after they are sent to the client" error HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from routing-controllers.