Getting Authenticated User - Implementation
1 - Route Name
We'll first start off by adding the route and the controller.
GET /api/v1/users/auth
File: src/routes/user.route.js
const express = require('express')
const router = express.Router()
const isAuthenticated = require('../middleware/auth.middleware')
const { registerUser, getAuthUser } = require('../controllers/auth')
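// Registration route, handled by registerUser.
router.post('/', registerUser)

// This is our new route. It is registered with GET because the endpoint is
// documented as GET /api/v1/users/auth and the handler only reads session state.
// NOTE(review): isAuthenticated is imported above but not attached here yet; until it
// is listed before getAuthUser (step 3 - Middleware), the handler also runs for
// requests that carry no logged-in session.
router.get('/auth', getAuthUser)

module.exports = router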
File: src/controllers/user/getAuthUser.js
const catchExceptions = require('../../utils/catchExceptions')
/**
 * Gets the currently authenticated user in the current session.
 *
 * Express handler `(req, res)` wrapped in the project's catchExceptions helper.
 * NOTE(review): catchExceptions is not shown on this page; presumably it forwards
 * errors thrown by the handler to Express's error handling - confirm.
 */
const getAuthUser = catchExceptions((req, res) => {
// Placeholder: the body is filled in under "7 - Response" further down.
})
module.exports = getAuthUser
2 - Input Request
None.
3 - Middleware
Now it's time to add our first middleware. This will essentially protect any route against unauthenticated users.
File: src/middleware/auth/auth.middleware.js
const globalResponseDto = require('../responses/globalResponseDto')
/**
 * Route guard: lets the request continue only when the session carries a user.
 *
 * When `req.session.user` is truthy, `next()` is called and nothing is returned.
 * Otherwise a 401 JSON envelope built by globalResponseDto is sent and `next()`
 * is never called, so handlers registered after this middleware do not run.
 *
 * NOTE(review): `req.session` is dereferenced without a check, so this assumes the
 * session middleware has already run; if `req.session` is undefined the property
 * access throws instead of producing the 401 below - confirm the mount order.
 *
 * @param {object} req - Express request; only `req.session.user` is read.
 * @param {object} res - Express response, used for the 401 reply.
 * @param {Function} next - Continues to the next handler on success.
 * @returns {*} The result of `res.status(401).json(...)` on denial, otherwise undefined.
 */
const isAuthenticated = (req, res, next) => {
  if (req.session.user) {
    next()
    return
  }

  // Same envelope shape as every other API response, with no user data in it.
  const denial = {
    status: 'error',
    code: 401,
    message:
      'Access denied: you must be logged in to access this API endpoint.',
    data: null,
    errors: ['You must be logged in.']
  }

  return res.status(401).json(globalResponseDto(denial))
}
module.exports = isAuthenticated
We can then add this isAuthenticated
middleware to our GET /users/auth
route as follows. Note that it is listed before the controller, so it runs first. Remember that this is a reusable middleware; we'll be using it throughout the next chapter.
File: src/controllers/auth/getAuthUser.controller.js
// NOTE(review): this snippet edits the router module (the file that defines `router`),
// replacing the earlier `router.post('/auth', getAuthUser)` registration.
const { getAuthUser } = require('../controllers/auth')
// Handlers run in the order listed: isAuthenticated first, and getAuthUser only if
// the guard calls next(). Listing the guard after the controller would not protect it.
router.get('/auth', isAuthenticated, getAuthUser)
4 - Validation
None.
5 - Domain
None, but because we are using the express-session
library, we can simply just retrieve the user from the req
object given to us in our controller, see below.
6 - Events
None.
7 - Response
Putting it all together, we get the following. Do note also that we are reusing our userResponseDto
to help us out with outputting the correct user information to our client.
File: src/controllers/user/getAuthUser.js
const globalResponseDto = require('../../responses/globalResponseDto')
const userResponseDto = require('../../responses/userResponseDto')
const catchExceptions = require('../../utils/catchExceptions')
/**
 * Returns the user stored on the current session inside a JSON success envelope.
 *
 * Reads `req.session.user` and passes it through userResponseDto before it goes
 * into the response, so the client receives the DTO's output rather than the raw
 * session object.
 *
 * NOTE(review): there is no presence check here; the handler relies on the
 * isAuthenticated middleware being registered ahead of it on the route.
 * NOTE(review): the data comes from the session, not a fresh lookup - presumably a
 * snapshot stored at login; confirm that possibly stale profile data is acceptable.
 *
 * @param {object} req - Express request; `req.session.user` is read.
 * @param {object} res - Express response; status 200 and a JSON body are sent.
 */
const getAuthUser = catchExceptions((req, res) => {
  // This is essentially our logged-in user.
  const { user } = req.session

  const reply = res.status(200)
  const envelope = globalResponseDto({
    status: 'success',
    code: 200,
    message: `The currently authenticated user's information.`,
    data: userResponseDto(user),
    errors: null
  })

  reply.json(envelope)
})
module.exports = getAuthUser