A middleware function that should kill the request with a 403 unless current user's uuid is the same as the uuid provided via url param or the user's account uuid is not the same as the uuid provided via url param should be implemented and applied to all endpoints. The information about the current user should be available after the lifecycle of the requests reaches the session middleware.
A middleware function that should kill the request with a 403 unless current user's uuid is the same as the uuid provided via url param or the user's account uuid is not the same as the uuid provided via url param should be implemented and applied to all endpoints. The information about the current user should be available after the lifecycle of the requests reaches the session middleware.