Override Authentication
The annotation @Authenticated()
use the AuthenticatedMiddleware
to check the authentication strategy.
To customise this behavior, the right way is to override the default AuthenticatedMiddleware
then implement directly
your authentication strategy (with passport.js for example).
Use case
@ControllerProvider("/mypath")
class MyCtrl {
@Get("/")
@Authenticated({role: "admin"})
public getResource(){}
}
1
2
3
4
5
6
2
3
4
5
6
Example
import {OverrideMiddleware, AuthenticatedMiddleware} from "@tsed/common";
import {Forbidden} from "ts-httpexceptions";
@OverrideMiddleware(AuthenticatedMiddleware)
export class MyAuthenticatedMiddleware implements IMiddleware {
public use(@EndpointInfo() endpoint: EndpointMetadata,
@Request() request: Express.Request,
@Response() response: Express.Response,
@Next() next: Express.NextFunction) { // next is optional
// options given to the @Authenticated decorator
const options = endpoint.get(AuthenticatedMiddleware) || {};
// options => {role: 'admin'}
if (!request.isAuthenticated()) { // passport.js
throw new Forbidden("Forbidden")
}
next();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21