vapor-po/Sources/App/Extensions/RouteBuilder+protected.swift

import DatabaseClientLive
import SharedModels
import Vapor

extension RoutesBuilder {

  // Used to ensure views are protected, redirects users to the login page if they're
  // not authenticated.
  var protected: any RoutesBuilder {
    return self
    // return grouped(
    //   UserPasswordAuthenticator(),
    //   UserSessionAuthenticator(),
    //   User.redirectMiddleware { req in
    //     "/login?next=\(req.url)"
    //   }
    // )
  }

  func apiUnprotected(route: PathComponent) -> any RoutesBuilder {
    grouped("api", "v1", route)
  }

  // Allows basic or token authentication for api routes and prefixes the
  // given route with "/api/v1".
  func apiProtected(route: PathComponent) -> any RoutesBuilder {
    return apiUnprotected(route: route)
    // let prefixed = grouped("api", "v1", route)
    // return prefixed.grouped(
    //   UserPasswordAuthenticator(),
    //   UserTokenAuthenticator(),
    //   User.guardMiddleware()
    // )
  }
}