From 38f8ef23d0325350a245a666e36928e6f876fbeb Mon Sep 17 00:00:00 2001
From: Mikayla Dobson <93477693+innocuous-symmetry@users.noreply.github.com>
Date: Thu, 2 Feb 2023 17:38:31 -0600
Subject: [PATCH] readme

---
 README.md | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 97e79a1..743d896 100644
--- a/README.md
+++ b/README.md
@@ -22,4 +22,20 @@ specify where the server should listen
 
 ## Steps to extend
 
-(to determine)
+The following middleware (taken from `server/routes/index.js`) can be used anywhere user verification is needed:
+
+```
+app.use('/app', (req, res, next) => {
+    const token = req.headers['authorization'].split(" ")[1];
+    jwt.verify(token, process.env.SECRET, (err, data) => {
+        if (err) {
+            res.status(403).send(err);
+        } else {
+            req.user = data;
+            next();
+        }
+    })
+})
+```
+
+Additional passport strategies may also be included for auth workflows such as OAuth 2.0