Middleware for rendr routes #274
Comments
|
We are doing this in our controller: Example controller: function ensureUserIsLoggedIn(actionHandler) {
return function () {
var router = this,
user = router.app.user;
if (!user.isLoggedIn()) {
router.redirectTo('/login');
} else {
actionHandler.apply(this, arguments);
}
};
}
module.exports = {
securePage: ensureUserIsLoggedIn(function (params, callback) {
// controller#action logic here ...
})
};This works great as long as you have only one middleware/before hook, if you have more the code will get unreadable. |
|
This concept seems like it would probably do the trick. Have you considered using something like underscore's wrap method for an after hook? |
|
This is the pattern we've used at Airbnb as well. |
|
hey @lo1tuma, some basic questions here. How do you authenticate users? Who will populate the |
|
The authentication is done by our API host, we only have to forward those cookies. |
|
@lo1tuma would you mind elaborating on that last comment? Where does the |
|
The user object is an instance of our user model. We creating this instance
|
|
@lo1tuma can you please elaborate more on this ? i tried but didn't get success. |
|
@nileshsavani09 our team has decided that we need to add in some middleware that runs for the routes. Once we implement this in our project, I'll make sure we create a PR for one of the examples to show how this can be done. |
|
@crwang Would be awesome to have some examples with the approaches that everyone is taking, I the upcoming month I will also implement this on our app and I will try to share the approach also. So any comments and suggestions are welcome. Would be nice to have some feature in rendr to support this use case. what do you think @saponifi3d ? |
|
@pjanuario Awesome, we will probably just submit a PR to the examples repo when we are done with a simple example, but I'm pretty sure we don't need to modify rendr itself for this. Will keep you posted as we get a working solution going and put together an example. We should be doing it this week I would assume, or latest by end of next week. |
|
@pjanuario As far as I know... it's data that's being passed through to the controller, so you can access it in a controller and do your validation there. It's at least defined on the route object in the router, which means it should be passed through to the controller to do that... if it's not I can probably fix that pretty quickly. It seems like it'd be crazy handy to simply say 'required role' or something in the controller. I generally agree with @crwang that we probably shouldn't need to change anything to change in rendr. The way I generally think you'd want to do authorization for a route is to have a piece of middleware do the validation in the controller. |
|
@pjanuario @saponifi3d My colleague created this example for how we are doing middle ware for route requests. Hopefully, it's helpful. It'd be nice if it could make it into the the repo as an example. |
Out of the box, is there a way to add middleware to the routes similarly to the way express uses them? We need to add something like, "isAuthenticated".
If not, can someone point me in a direction to get started implementing this?
Thanks!
The text was updated successfully, but these errors were encountered: