1 files changed, 21 insertions, 0 deletions

diff --git a/src/services/users/user.hooks.js b/src/services/users/user.hooks.js
new file mode 100644
index 0000000..daeda68
--- /dev/null
+++ b/src/services/users/user.hooks.js
@@ -0,0 +1,21 @@
+const { hooks } = require ('@feathersjs/authentication-local');
+const { NotAuthenticated } = require('@feathersjs/errors');
+
+const compareUser = async context => {
+  if (context.id !== context.params.user._id.toString()) {
+    throw new NotAuthenticated('You can only PATCH/UPDATE your own user!');
+  }
+  return context;
+};
+
+
+module.exports = {
+  after: {
+    all: hooks.protect('password')
+  },
+  before: {
+    patch: [compareUser],
+    update: [compareUser]
+  }
+};
+