Let's implement endpointsfor CRUD users. We will need two types of endpoints:

We have two types of routers defined in server/api/index.js:

const router = express.Router();
const routerAuth = express.Router();

We are going to use the router for open-access endpoints, and routherAuth for accessing authenticated endpoints. We will inject users into the request to differentiate between these two router types:

app.use('/api', injectUserToReq, router);
app.use('/api', authenticate, routerAuth);

We will define authenticate and injectUserToReq inside server/helpers/auth.js:

const getUserFromKey = loginKey =>
  new Promise(resolve => {
    Model.users
      .findOne({ loginKey, deleted: [false, null] })
      .then(user => resolve(user))
      .catch(() => resolve(null));
  });

const cookieExtractor = req => {
  let tokenIn = null;
  if (req.cookies &amp...