From a23b74b575befc6dd4c75c1919f59f9bec7b1856 Mon Sep 17 00:00:00 2001
From: Ezzer17 <zonchegegor@mail.ru>
Date: Thu, 20 Oct 2022 02:39:34 +0300
Subject: [PATCH] Enforce authentication for API routes

Closes #275
---
 src/backend/routes/index.ts | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/backend/routes/index.ts b/src/backend/routes/index.ts
index b65d6539..3505e846 100644
--- a/src/backend/routes/index.ts
+++ b/src/backend/routes/index.ts
@@ -5,13 +5,15 @@ import auth from './auth.js';
 import aliases from './aliases.js';
 import api from './api/index.js';
 import pagesMiddleware from './middlewares/pages.js';
+import verifyToken from './middlewares/token.js';
+import allowEdit from './middlewares/locals.js';
 
 const router = express.Router();
 
 router.use('/', pagesMiddleware, home);
 router.use('/', pagesMiddleware, pages);
 router.use('/', pagesMiddleware, auth);
-router.use('/api', api);
+router.use('/api', verifyToken, allowEdit, api);
 router.use('/', aliases);
 
 export default router;