From b67717c8e570c209fd3f286d4c39971881f339f7 Mon Sep 17 00:00:00 2001
From: Egor <31133048+Ezzer17@users.noreply.github.com>
Date: Mon, 24 Oct 2022 22:27:35 +0300
Subject: [PATCH] Enforce authentication for API routes (#276)

Closes #275
---
 src/backend/routes/index.ts | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/backend/routes/index.ts b/src/backend/routes/index.ts
index b65d653..3505e84 100644
--- a/src/backend/routes/index.ts
+++ b/src/backend/routes/index.ts
@@ -5,13 +5,15 @@ import auth from './auth.js';
 import aliases from './aliases.js';
 import api from './api/index.js';
 import pagesMiddleware from './middlewares/pages.js';
+import verifyToken from './middlewares/token.js';
+import allowEdit from './middlewares/locals.js';
 
 const router = express.Router();
 
 router.use('/', pagesMiddleware, home);
 router.use('/', pagesMiddleware, pages);
 router.use('/', pagesMiddleware, auth);
-router.use('/api', api);
+router.use('/api', verifyToken, allowEdit, api);
 router.use('/', aliases);
 
 export default router;