Pass res Response to auth function in middleware/authorization

[yagop]

I think It would be useful to pass res object in the auth function in the authorization middleware.

https://github.com/primus/primus/blob/62c02cd6236ebdd88568ef2daa88da33a263f5a8/middleware/authorization.js#L21

Maybe as third argument in order to not breaking compatibility.

[lpinca]

What's your use case?

[yagop]

I want to set some attributes to res, like res.locals in Express. In my use case, after authorization I want to set a user object.

[lpinca]

It may sound odd but can't you do that in a new middleware that is added after the authorization middleware?

primus.before('locals', function (req, res) {
  res.locals = { foo: 'bar' };
}, primus.indexOfLayer('authorization') + 1);

The overhead should be minimal.

[yagop]

To set the user I have to call the same API to verify the authorization. Its much better having res in auth function.

[lpinca]

This is a bit messy but in the auth middleware you can set you stuff on the req object and in the next middleware move it to the res object.

[yagop]

I would better write an authorization middleware which do the same as the authorization (close connection if not valid) and write to res my values.

Why so against about passing res to auth function?

[lpinca]

I see no real value, I mean, I understand your use case, but ideally the auth function should only validate and do stuff on the incoming connection. This is more a logical condition than a hard requirement but this is how I picture it. Anyway let's keep this open an wait for others to weigh in.