完全误读了你的问题.如果要调用requireValidToken
某些情况,可以将req和res对象传递给中间件函数以及匿名回调.如何获得中间件功能在很大程度上取决于您的应用程序架构,所以我假设我requireValidToken
在我的上下文中:
var requireRole = function(role) { return function(req, res, next){ // Dummy tests... requireValidToken(req, res, function () { if(req.user.role == roles.admin || req.user.role == role){ next(); } else { return res.status(403)({ success: false, message: "Token valid, but you don't have the right permission to access this resource :)" }); } }); } };