Protecting Routes

You can protect any route and require a valid token when accessing that route with the &protected decorator. You can access the route if you pass in a valid token as a query parameter called token with your request. The server will otherwise respond with 400/401 and "Missing token!" or "Invalid token".

The server will also respond with "Invalid token" if the token is expired.

&protected
@post('/note'):
    respond('Only viewable with a valid token.")

@get('/public'):
    respond('This is viewable without a token.")

Last updated