How to expose information from an authorization middleware, such as the logged-in user to the subsequent request controllers with Aqueduct?
Eg my route is:
.route('/events/[:id]')
.link(() => SecretKeyAuthorizer(context))
.link(() => EventsController(context));
And the SecretKeyAuthorizer uses a header to find the current User. And I'd like to use the information from the User in the EventsController.
After a long search I finally found the answer. One can use attachments that is a dictionary for that purpose in the request object, kept for its lifetime. So typically the Authorizer would do something like:
request.attachments["user"] = user;
And the subsequent RessourceControllers can use it with :
User user = request.attachments["user"] as User;
Note that request, is a member of the "Controller" class, so it is directly accessible through inheritance.