How to get the authenticated user in a middleware #7791
Unanswered
ivanvaccari
asked this question in
Q&A
Replies: 1 comment
-
|
Hi @ivanvaccari Instead of re-ordering the authentication middleware it probably makes sense to configure your middleware to be invoked after authentication happens but before invoking a method or even parsing the parameters (depends on your requirement) @injectable(
asMiddleware({
chain: RestTags.REST_MIDDLEWARE_CHAIN,
group: "new-custom-group",
upstreamGroups: [RestMiddlewareGroups.AUTHENTICATION],
downstreamGroups: [RestMiddlewareGroups.INVOKE_METHOD]
})
)
export class MiddlewareProvider implements Provider<Middleware> {
constructor() {}
value(): Middleware {
return async (ctx, next) => {
// ...
};
}
} |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I'm following the middleware docs to implement a logging middleware: https://loopback.io/doc/en/lb4/Middleware.html
Since our project relies on a dynamic datasource selection to reach multi-tenancy, i need to know at middleware level if there's a logged in user in order to allow the datasource resolution.
But as described by this image:
the authentication step happens after the middleware invocation, so getting the user in the middleware always fails since no binding is available at that time:
I tried changing the sequence by setting up RestMiddlewareGroups.AUTHENTICATION before the RestMiddlewareGroups.MIDDLEWARE, but it breaks the sequence.
I did a horrible workaround by calling manually the authentication strategy and getting the user, but this result in the authentication process being performed two times (one manually by me, one by the sequence), and since it involves db access, it increase dhe db load.
Is there a way to do it?
Beta Was this translation helpful? Give feedback.
All reactions