const prettyURLs = require('../../middleware/pretty-urls'); const cors = require('../../middleware/api/cors'); const urlRedirects = require('../../middleware/url-redirects'); const auth = require('../../../services/auth'); /** * Auth Middleware Packages * * IMPORTANT * - cors middleware MUST happen before pretty urls, because otherwise cors header can get lost on redirect * - cors middleware MUST happen after authenticateClient, because authenticateClient reads the trusted domains * - url redirects MUST happen after cors, otherwise cors header can get lost on redirect */ /** * Authentication for public endpoints */ module.exports.authenticatePublic = [ auth.authenticate.authenticateClient, auth.authenticate.authenticateUser, // This is a labs-enabled middleware auth.authorize.requiresAuthorizedUserPublicAPI, cors, urlRedirects, prettyURLs ]; /** * Authentication for private endpoints */ module.exports.authenticatePrivate = [ auth.authenticate.authenticateClient, auth.authenticate.authenticateUser, auth.authorize.requiresAuthorizedUser, cors, urlRedirects, prettyURLs ]; /** * Authentication for client endpoints */ module.exports.authenticateClient = function authenticateClient(client) { return [ auth.authenticate.authenticateClient, auth.authenticate.authenticateUser, auth.authorize.requiresAuthorizedClient(client), cors, urlRedirects, prettyURLs ]; };