516bc7675d
* Adds test project * Adds e2e for end-2-end tests * Update gitignore * Update loaders * Creates test project * v0.1.27 * Upgrade * dependency fixes * Load project plugins in the plugin loader * Issue with instanceof * Fixes versioning issues * Adds medusa middleware api * Adds documentation * Fixes tests
17 lines
550 B
JavaScript
17 lines
550 B
JavaScript
// This middleware is injected to ensure authorization of requests
|
|
// Since this middleware uses the user object on the request, this should be
|
|
// injected after authentication in the core middleware, hence we name
|
|
// the middleware postAuth.
|
|
export default {
|
|
postAuthentication: () => {
|
|
return (err, req, res, next) => {
|
|
const permissionService = req.scope.resolve("permissionService")
|
|
if (permissionService.hasPermission(req.user, req.method, req.path)) {
|
|
next()
|
|
} else {
|
|
res.status(422)
|
|
}
|
|
}
|
|
}
|
|
}
|