0

In LoopBack 4 framework, for any secured API call, I need to authenticate the request for every endpoint. Instead of this approach i wants to configure that verification globally like LoopBack 3. Any solution for this?

   @post('/users/{userId}/orders', {
    responses: {
      '200': {
        description: 'User.Order model instance',
        content: {'application/json': {schema: {'x-ts-type': Order}}},
      },
    },
  })
  @authenticate('jwt')
  @authorize({resource: 'order', scopes: ['create']})
  async createOrder(
    @param.path.string('userId') userId: string,
    @requestBody() order: Order,
  ): Promise<Order> {
    await this.userRepo.orders(userId).create(order);
  }

In above code @authenticate('jwt') was mentioned, can we mention this in a common file?

Salitha
  • 1,022
  • 1
  • 12
  • 32
Anto Hevin
  • 23
  • 7
  • in your app constructor, what do you have in `this.api({...})`? – ffflabs Feb 11 '20 at 10:28
  • Did you tried adding an authenticate function in `sequence.ts`? – Salitha Feb 12 '20 at 06:10
  • @salitha can you please explain how and where to add in sequence.ts – Anto Hevin Feb 14 '20 at 13:19
  • As I have no tested code, I suggest you to to refer dcumentation https://loopback.io/doc/en/lb4/Sequence.html – Salitha Feb 14 '20 at 13:34
  • I can assure you that setting annotation at the application.ts level will not enable it for all controllers. The only way to handle this is to add a base controller which has the annotation of @authenticate and all other controllers should be inherited from this. – Althaf M Mar 23 '20 at 16:03

0 Answers0