Override Authentication

The annotation @@Authenticated@@ use the @@AuthenticatedMiddleware@@ to check the authentication strategy.

To customise this behavior, the right way is to override the default AuthenticatedMiddleware then implement directly your authentication strategy (with passport.js for example).

Use case

import {Controller, Get, Authenticated} from "@tsed/common";

@Controller("/mypath")
class MyCtrl {
  @Get("/")
  @Authenticated({role: "admin"})
  public getResource(){}
}
1
2
3
4
5
6
7
8

Example

import {Unauthorized} from "ts-httpexceptions";
import {IMiddleware, EndpointInfo, Req, Middleware} from "@tsed/common";

@Middleware()
export class AuthenticatedMiddleware implements IMiddleware {
  public use(@Req() request: Req, @EndpointInfo() endpoint: EndpointInfo) {
    const options = endpoint.get(AuthenticatedMiddleware) || {};
    // @ts-ignore
    if (!request.isAuthenticated(options)) {
      throw new Unauthorized("Unauthorized");
    }
  }
}
1
2
3
4
5
6
7
8
9
10
11
12
13

::: tip By default, the server import automatically your middlewares matching with this rules ${rootDir}/middlewares/**/*.ts (See componentScan configuration).

.
├── src
│   ├── controllers
│   ├── services
│   ├── middlewares
│   └── Server.ts
└── package.json
1
2
3
4
5
6
7

If not, just import your middleware in your server or edit the componentScan configuration.

import {ServerLoader, ServerSettings} from "@tsed/common";
import "./src/other/directory/MyAuthMiddleware";

@ServerSettings({
    ...
})
export class Server extends ServerLoader {
  
 
}
1
2
3
4
5
6
7
8
9
10

:::