jspears / mers

Mongoose Express Rest Service
MIT License

Auth Question #13

Closed mlconnor closed 11 years ago

mlconnor commented 11 years ago

Justin, question for you.

I'm trying to build a simple auth system so that I can validate that someone is logged in or has some permissions before using the REST API. My initial thinking was to use the middleware approach to inject a function before the rest() middleware to check for auth. So...

app.use('/rest', function(req, res, next) {
  if ( ! loggedIn ) {
    res.redirect('/login_bitch');
  } else {
    next();
  }
});
app.use('/rest', rest({'mongoose':mongoose}).rest() ); 

First, can you think of a more sensible way to do this? And second, the issue I'm having is that the first piece of middleware is never called. If I remove mers then it runs but it's like mers overwrites it somehow. Any help is much appreciated.

mlconnor commented 11 years ago

I'm still trying to come up to speed on node and express but it feels like mers should be handled using the

app.all('/rest/*', ...

...paradigm instead of app.use. This would provide the ability to define route specific middleware and auth functions. Thoughts??? Keep in mind that it's 11:04pm and I'm two Ketel's martinis deep so let me know if I'm out of my mind. Thanks Justin. -mc

jspears commented 11 years ago

Yup just make sure it loads before mers

On Aug 1, 2013, at 11:06 PM, Michael Connor notifications@github.com wrote:

I'm still trying to come up to speed on node and express but it feels like mers should be handled using the

app.all('/rest/*', ...

...paradigm instead of app.use. This would provide the ability to define route specific middleware and auth functions. Thoughts??? Keep in mind that it's 11:04pm and I'm two Ketel's martinis deep so let me know if I'm out of my mind. Thanks Justin. -mc


jspears commented 11 years ago

Also look at passport it has the auth stuff and examples

On Aug 1, 2013, at 10:44 PM, Michael Connor notifications@github.com wrote:

Justin, question for you.

I'm trying to build a simple auth system so that I can validate that someone is logged in or has some permissions before using the REST API. My initial thinking was to use the middleware approach to inject a function before the rest() middleware to check for auth. So...

app.use('/rest', function(req, res, next) {
  if ( ! loggedIn ) {
    res.redirect('/login_bitch');
  } else {
    next();
  }
});
app.use('/rest', rest({'mongoose':mongoose}).rest() );

First, can you think of a more sensible way to do this? And second, the issue I'm having is that the first piece of middleware is never called. If I remove mers then it runs but it's like mers overwrites it somehow. Any help is much appreciated.

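The advice in the thread to load the auth check before mers comes down to registration order. The following is an added example, not code from the thread or from mers: a Connect/Express-style gate written as a plain `(req, res, next)` function and run through a small dispatcher in both orders. `requireAuth`, `restStub`, `dispatch`, the `rest:read` permission and the `req.session.user` shape are assumptions for illustration, and the gate answers 401/403 instead of redirecting.

```javascript
// Gate: 401 when there is no session user, 403 when a permission is missing.
// The req.session.user shape is an assumption, not something mers defines.
function requireAuth(permission) {
  return function (req, res, next) {
    const user = req.session && req.session.user;
    if (!user) {
      res.statusCode = 401;
      return res.end('login required');
    }
    if (permission && !(user.permissions || []).includes(permission)) {
      res.statusCode = 403;
      return res.end('forbidden');
    }
    next(); // authenticated and authorized: hand over to the next middleware
  };
}

// Hypothetical stand-in for the REST middleware: answers every request it sees.
function restStub(req, res, next) {
  res.statusCode = 200;
  res.end('[{"title":"constructed record"}]');
}

// Minimal dispatcher mimicking registration order: a function runs only if the
// previous one called next(); one that ends the response stops the chain.
function dispatch(stack, req) {
  const res = { statusCode: null, body: null, end(b) { this.body = b; } };
  let i = 0;
  (function next() {
    const fn = stack[i++];
    if (fn) fn(req, res, next);
  })();
  return res;
}

// Constructed requests.
const anonymous = { session: {} };
const reader = { session: { user: { name: 'alice', permissions: ['rest:read'] } } };

function demo() {
  const gate = requireAuth('rest:read');
  return {
    gateFirstAnon: dispatch([gate, restStub], anonymous).statusCode, // gate blocks
    gateFirstUser: dispatch([gate, restStub], reader).statusCode,    // gate passes
    gateLastAnon: dispatch([restStub, gate], anonymous).statusCode,  // gate never runs
  };
}
console.log(demo());
```

With the gate registered last, the anonymous request still gets the REST response, so a quick check for any deployment is an unauthenticated request against the REST path that must not return 200.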