From 77d0b2cddc479ae1be91a9f7c507b3572ce6668a Mon Sep 17 00:00:00 2001
From: Thomas Kranitsas
Date: Sun, 12 May 2019 11:06:19 +0300
Subject: [PATCH 1/2] Allow unknown properties on the JWT
---
 src/services/ProjectService.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/services/ProjectService.js b/src/services/ProjectService.js
index d764fa1..c1e4dfd 100644
--- a/src/services/ProjectService.js
+++ b/src/services/ProjectService.js
@@ -28,7 +28,7 @@ const Project = models.Project;
 const currentUserSchema = Joi.object().keys({
 handle: Joi.string().required(),
 roles: Joi.array().required(),
-});
+}).unknown(true);
 const projectSchema = {
 project: {
 id: Joi.string().required(),
From a1238cc401859793e62ecd3f9f231030e2a2c822 Mon Sep 17 00:00:00 2001
From: Thomas Kranitsas
Date: Sun, 12 May 2019 11:11:07 +0300
Subject: [PATCH 2/2] Fix joi validation on currentUser
---
 src/app.js | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/app.js b/src/app.js
index cacc64a..91f5594 100644
--- a/src/app.js
+++ b/src/app.js
@@ -63,7 +63,11 @@ _.forEach(routes, (verbs, path) => {
 if (!req.authUser) {
 return next(new errors.UnauthorizedError('Authorization failed.'));
 }
- req.currentUser = req.authUser;
+
+ req.currentUser = {
+ handle: _.get(req, 'authUser.handle', '').toLowerCase(),
+ roles: _.get(req, 'authUser.roles', [])
+ };
 return next();
 });
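Review bot: `.unknown(true)` on `currentUserSchema` in src/services/ProjectService.js makes the service accept any extra key on the user object it is handed. Patch 2/2 of this series already narrows `req.currentUser` to `handle` and `roles` in src/app.js, so the relaxation looks unnecessary once both patches are applied. If no other caller passes a wider object (not visible from this hunk), keep the closing line as `});` so unexpected token claims are rejected rather than silently carried along. Separately, `roles` is checked only as an array of anything; if it feeds authorization decisions, `roles: Joi.array().items(Joi.string()).required(),` would pin the element type.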
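Review bot: `_.get(req, 'authUser.handle', '').toLowerCase()` in src/app.js throws a TypeError when the token carries a `handle` that is present but not a string, because lodash substitutes the default only for `undefined`. A token with no `handle` or no `roles` is also passed on as a user with an empty handle and an empty role list instead of being rejected in this middleware. Fail closed before building `req.currentUser`, for example `if (!_.isString(req.authUser.handle) || !req.authUser.handle || !_.isArray(req.authUser.roles)) { return next(new errors.UnauthorizedError('Authorization failed.')); }`. A short comment above the assignment, such as `// Expose only handle and roles from the decoded token to the services`, would record why the object is rebuilt. The route callback starts and ends outside the hunk, so how a thrown error is handled there is not visible.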