devcbuea
commented
5 years ago JWT is already implemented, making it global will be great.As of now access control can only be done by an auth middleware that is imported in every module. Having a single import will be great.
Authentication will be done using jwt tokens for now, since we are providing an API end service. encoded user properties in the token can be discussed under this issue. Resources needed to implement this https://jwt.io/ https://medium.com/dev-bits/a-guide-for-adding-jwt-token-based-authentication-to-your-single-page-nodejs-applications-c403f7cf04f4 a suggestion will be to implement this as middleware in authentication for now, but if there is a way to make it a global middleware by which we could exclude some certain routes from being authenticated will be great, there should be some npm module for that