3. Middleware
The middleware is in: /src/auth/services/mw.js
- req: request
- authOrSecDef: authOrSecDef
- token: Token from header Authorization
- cb: callback
Obtain the required roles from a Router
let requiredRoles = req.swagger.operation["x-security-scopes"];
// -> ['admin','user']Example of extracting token , see session
// decode token, this includes the dataToken
let session = await r.verify(token);
// decode token, this includes the dataToken and dataSession stored in redis
let session = await r.verify(token, true); Role Comparison, see role-calc
// Verify Roles
has(requiredRoles, _user.roles)Nodetomic Api Swagger