docs: injection of current user may require optional set to true

Optional flag may need to be set to true when injecting CURRENT_USER in a controller constructor if only some controller methods are decorated with the @authenticate decorator
loopbackio · Jun 19, 2019 · 549e7ca · 549e7ca
1 parent 34d31d8
commit 549e7ca
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 0 deletions.
diff --git a/docs/site/Loopback-component-authentication.md b/docs/site/Loopback-component-authentication.md
@@ -160,6 +160,9 @@ export class WhoAmIController {
 }
 ```
 
+{% include note.html content="If only <b>some</b> of the controller methods are decorated with the <b>@authenticate</b> decorator, then the injection decorator for CURRENT_USER in the controller's constructor must be specified as <b>@inject(AuthenticationBindings.CURRENT_USER, {optional:true})</b> to avoid a binding error when an unauthenticated endpoint is accessed. Alternatively, do not inject CURRENT_USER in the controller <b>constructor</b>, but in the controller <b>methods</b> which are actually decorated with the <b>@authenticate</b> decorator. See [Method Injection](Dependency-injection.md#method-injection), [Constructor Injection](Dependency-injection.md#constructor-injection) and [Optional Dependencies](Dependency-injection.md#optional-dependencies) for details.
+" %}
+
 An example of the decorator when options **are** specified looks like this:
 
 ```ts

diff --git a/docs/site/decorators/Decorators_authenticate.md b/docs/site/decorators/Decorators_authenticate.md
@@ -40,5 +40,8 @@ export class WhoAmIController {
 }
 ```
 
+{% include note.html content="If only <b>some</b> of the controller methods are decorated with the <b>@authenticate</b> decorator, then the injection decorator for CURRENT_USER in the controller's constructor must be specified as <b>@inject(AuthenticationBindings.CURRENT_USER, {optional:true})</b> to avoid a binding error when an unauthenticated endpoint is accessed. Alternatively, do not inject CURRENT_USER in the controller <b>constructor</b>, but in the controller <b>methods</b> which are actually decorated with the <b>@authenticate</b> decorator. See [Method Injection](../Dependency-injection.md#method-injection), [Constructor Injection](../Dependency-injection.md#constructor-injection) and [Optional Dependencies](../Dependency-injection.md#optional-dependencies) for details.
+" %}
+
 For more information on authentication with LoopBack, visit
 [here](../Loopback-component-authentication.md).
diff --git a/docs/site/tutorials/authentication/Authentication-Tutorial.md b/docs/site/tutorials/authentication/Authentication-Tutorial.md
@@ -231,6 +231,9 @@ a user can print out his/her user profile by performing a `GET` request on the
   // ...
 ```
 
+{% include note.html content="Since this controller method is obtaining CURRENT_USER via [method injection](../../Dependency-injection.md#method-injection) (instead of [constructor injection](../../Dependency-injection.md#constructor-injection)) and this method is decorated with the <b>@authenticate</b> decorator, there is no need to specify <b>@inject(AuthenticationBindings.CURRENT_USER, {optional:true})</b>. See [Using the Authentication Decorator](../../Loopback-component-authentication.md#using-the-authentication-decorator) for details.
+" %}
+
 The `/users/me` endpoint is decorated with
 
 ```ts