Do you need to know who requests are for or need to "enrich" the request before your controller is called?
Typically you would add logic to the method that is called after routes are permitted such as seeing if the user has a valid JWT token or has the right permissions. This common implementation poses several problems. Why should the route even call your method if certain conditions aren't met? And, why litter your code base with duplicate code in every route just to validate things like user permissions and roles?
Enrich your requests by adding context and securing your requests at the same time by using both a ParameterDecorator and Guard.
The idea is to be able to add a decorator to your route method and have it auto-magically give you additional context beyond what the request payload is such as a users profile, permissions, etc.
We need to only create two new typescript files in your src/ directory:
The route guard
Add the logic that will add your contextual information to the request object itself which is then accessed using a parameter decorator (next step):
Create the parameter decorator so we can add it to our route method parameter to "inject" the users profile from above:
Tying it all together now
Simply add the @UseGuards(PrincipalGuard) to your controller or method(s) and then decorate a parameter using @Principal():