authorization middleware on CREATE, UPDATE, DESTROY
AntonTymczenko opened this issue · comments
- give an authToken on login/register in header
- add auth middleware to server
- check if this user has current collection in his list of collections
READ route doesn't have middleware. All collections are public ("shared") by default for now.