Authentication middleware #66
Description
Hello arunoda,
Continuing to try to port my IronRouter code to FlowRouter, i am facing a problem with middlewares.
With IronRouter, to ensure that a user was logged-in, i was using this code:
Iron.Router.plugins.auth = function (router, options) {
router.onBeforeAction(function () {
if (!Meteor.user() && !Meteor.loggingIn()) {
if (Router.current() && Router.current().route)
Session.set('returnTo', Router.current().route.getName());
Router.go(options.authRoute);
}
this.next();
}, {
except: [
'signin',
'signup',
'lostPassword',
'resetPassword',
'verifyEmail'
]
});
};
Now, to switch to FlowRouter, i rewrited my code like this:
var exceptions = [
'/signin',
'/signup',
'/lost-password',
'/reset-password',
'/verify-email'
];
FlowRouter.middleware(function (path, next) {
console.log(path);
if (!_.contains(exceptions, path)) {
if (!Meteor.userId()) {
Session.set('returnTo', path);
next('/signin');
}
}
next();
});
The main problem, if for routes reset-password and verify-email. Thoses routes accept a parameter token, and the this is the problem. I can't predict this token, ans so, i can't compare with the routes in the exceptions array.
Of course, i could've split the path to keep only the first part of the route, but it will complexify the code.
This should be easy with named routes to handle this issue. Another way would be to provide path and params to middlewared callbacks separately.
What do you think ?
Best regards,
William