Route.resource(): how to exclude a route from the auth middleware?


#1

I have this:

Route.group(() => {
  Route.resource('users', 'UserController').apiOnly()
}).prefix('api/v1').middleware('auth')

How can I exclude Route.get('api/v1/users', 'UserController.index') to be under the controller of the authentication middleware? Would adding the following be Ok ?

Route.get('api/v1/users', 'UserController.index').middleware['guest']


#2

I doubt it will work because you have assigned the named middleware “auth” to the larger group.


#3

I read in the documentation:

Group middleware executes before route middleware.

So I think there is not a solution to it, unless if I split the group and declare the routes one by one. Not sure. Will see if the authors would say something on this. Thank you


#4

Why not try simply by moving the explicit route you want to exclude above the Route group? and not have any middleware or guest to it.


#5

Route.resource() will generate it, so it will be affected by that middleware. @devanandb


#6

Do not use Route.resource and put each route where you want.


#7

Suppose I am lazy to write a lot, do you know any shorter way to achieve this? @jorgeyoma


#8

Hey all! :wave:

There’s multiple way to do so.

  1. The route file is read from top to bottom and will stop when a matching route has been found. Therefore, you can simply put your route in top of the Route.group().
  2. You can use the except() function to remove some routes from the resource.