I have written a plugin for strapi, which provides a form in its frontend and a route with GET and POST requests enabled in the backend to get and set the values of the form. The values are stored in the backend via the
strapi.store function and by
fetching from the respective end point, getting and setting the values works just fine for public access to the route.
However, public access is not desirable. Therefore only authorized users should be able to access the given route. In order to do so, the access token is required, but I don’t know, how to obtain it programmatically (if I copy and paste it from the response of the login form into the fetch headers it works just fine).
So my question is: Where do I get the token from the currently logged in user? Or is there another standard way of accessing protected plugin routes?
Also some words about that in the official documenation would be highly appreciated.