System Information
- Strapi Version: 3.2.3
- Operating System: alpine3.12
- Database: postgres 13
- Node Version: node 12.19
- NPM Version: ?
- Yarn Version:
Hello,
I am creating a middleware to add owner policy to image upload for a resource.
My problem is that I don’t have access to the ctx.state.user
which seems to be set after my middleware.
Here is my middleware in ./middlewares/uploadPostImageOwnerPolicy/index.js
module.exports = strapi => {
return {
initialize() {
strapi.app.use(async (ctx, next) => {
console.log(ctx.request.headers, ctx.state.user)
})
},
}
};
And here the configuration of the middleware in ./config/middleware.js:
module.exports = {
load: {
before: ['responseTime', 'logger', 'cors', 'responses'],
order: [
"Define the middlewares' load order by putting their name in this array in the right order",
],
after: ['parser', 'router', 'uploadPostImageOwnerPolicy'],
},
settings: {
uploadPostImageOwnerPolicy: {
enabled: true,
},
},
};
And the result of that is that if I am calling the POST /upload endpoint
I got:
{
host: 'localhost:1337',
connection: 'keep-alive',
'content-length': '200',
accept: 'application/json',
authorization: 'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6ODMsImlhdCI6MTYwNTkwNDgzMSwiZXhwIjoxNjA4NDk2ODMxfQ.F6klpIRPY5TUQ8umkPl4jI-hpGmoJw2evcXCaXbiIu4',
'user-agent': 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36',
'content-type': 'application/json',
origin: 'http://localhost:3000',
'sec-fetch-site': 'same-site',
'sec-fetch-mode': 'cors',
'sec-fetch-dest': 'empty',
referer: 'http://localhost:3000/',
'accept-encoding': 'gzip, deflate, br',
'accept-language': 'en-GB,en-US;q=0.9,en;q=0.8,fr;q=0.7'
} undefined
So you can see that I have an authorization token (and it’s a valid one because the POST /upload
route is configured to be reached only if the user is authenticated).
How to run this middleware after the injection of the user in the state?