Medusa v2 Docs: Issue in 5.7. Custom CLI Scripts - Medusa v2 Docs

[amaster507]

What Medusa version and documentation are you using?

v2

Preliminary Checks

• [X] This issue is not a duplicate. Before opening a new issue, please search existing issues: https://github.com/medusajs/medusa/issues

Issue Summary

In the example code under # Authentication-opt-out, it uses both these lines of code:

req: AuthenticatedMedusaRequest,

and

export const AUTHENTICATE = false

After doing some testing, by setting the AUTHENTICATE to false you lose the access to the auth_context even if the user/customer is logged in.

How can this issue be resolved?

Make mention somehow in the docs that by disabling AUTHENTICATE on an /admin/* page, you no longer have access to the authentication context. Maybe change the example code snippet too where these are used together.

Are you interested in working on this issue?

• [ ] I would like to fix this issue

[shahednasser]

Thanks for reporting this. Will add a note to clarify this.

However, may I ask what your use case is that requires you to opt out of authentication but still access the admin user?

[amaster507]

My intention when testing this was to use it as a way to switch off from a free version of an api route vs more features if authentication context is added. Then in the code decide throw errors if certain parameters were met without authentication. Like limit to 25 items for the free context, but allow a full featured request with authentication request up to 500 items in a single query.

[shahednasser]

Got it, why don't you go for an API route under a custom path (not /admin)? Feels more appropriate logically.

Anyway, as mentioned in this section, you can add the authentication middleware to your routes setting allowUnauthenticated to true. That way you don't need the authentication opt-out