Replies: 1 comment
-
|
Hi, You have req.user in middleware when u check jwt, like in your controller or service you can check it by req.user to get who sent request. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi,
is it possible to get the userId in req body in controllers for "user is the owner of ..." checks?
or is there a way to pull it from the access token on controller side?
i want to make sure the user can only delete his log by making a "user is the owner of this log" check using the userId in token and comparing it with the userId in log entity.
any ideas?
thanks in advance
Beta Was this translation helpful? Give feedback.
All reactions