You can protect your routes by using the AuthMiddleware in your controllers like this:
import { Controller, Middleware } from '@Typetron/Router'
import { AuthMiddleware } from '@Typetron/Framework/Middleware'
@Controller()
@Middleware(AuthMiddleware)
export class HomeController {
@Get()
index() {
return "this route is for logged in users only"
}
@Get()
read() {
return "this route is for logged in users only"
}
}
Or you can add it to specific methods like this:
import { Controller, Middleware } from '@Typetron/Router'
import { AuthMiddleware } from '@Typetron/Framework/Middleware'
@Controller()
export class HomeController {
@Get()
@Middleware(AuthMiddleware)
index() {
return "this route is for logged in users only"
}
}
To get the authenticated user you can use the @AuthUser decorators in a property or method argument:
import { Controller, Middleware, Post } from '@Typetron/Router'
import { Inject } from '@Typetron/Container'
import { AuthMiddleware } from '@Typetron/Framework/Middleware'
import { User } from 'App/Entities/User'
import { AuthUser } from '@Typetron/Framework/Auth'
@Controller()
@Middleware(AuthMiddleware)
export class HomeController {
@AuthUser()
authenticatedUser: User
@Post()
me() {
return this.user
}
}
import { Controller, Middleware, Post } from '@Typetron/Router'
import { AuthMiddleware } from '@Typetron/Framework/Middleware'
import { User } from 'App/Entities/User'
import { AuthUser } from '@Typetron/Framework/Auth'
@Controller()
export class HomeController {
@Post()
@Middleware(AuthMiddleware)
me(@AuthUser() authenticatedUser: User) {
return authenticatedUser
}
}