Simple WhoAmI for Loopback

Retrieving the currently authenticated user in a Loopback Application can be done in many ways, and one of them is the one I want to share in this post.

I wanted to be able to utilise the Angular SDK as well as the Explorer, so adding a routing manually in a boot script was not really an option, however simple that might be, so I decided to opt for implementing it as a custom Model.

The first thing to do is to create a whoami.json and whoami.js file in the commons directory.


  "name": "WhoAmI",
  "base": "Model",
  "plural": "whoami",
  "acls": [
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "$everyone",
      "permission": "DENY"
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "$authenticated",
      "permission": "ALLOW"


module.exports = function (WhoAmI) {

    WhoAmI.whoAmI = function (req, next) {
        var AccessToken =;
        AccessToken.findForRequest(req, {}, function (aux, accesstoken) {
            var UserModel =;
            UserModel.findById(accesstoken.userId, function (error, user) {
                next(error, user);

            accepts: {arg: 'req', type: 'object', http: {source: 'req'}},
            returns: {arg: 'user', type: 'object'},
            http: {path: '/', verb: 'get'}

Secondly, I make sure to add the model to the model-config.json

"WhoAmI": {
  "dataSource": null,
  "public": true

Now, when you restart the server, you will see the following endpoint having been added to your API


And because of the ACL’s we set in the model, all requests without an access-token are handled by the security of Loopback… so there you go, a nice and easy WhoAmI !

Alternatively… a bootscript

If you for some reason should be inclined to prefer putting it in a boot script, all you have to do is to create a file in the boot directory of the server with the following content

module.exports = function (server) {

    var router = server.loopback.Router();

    router.get('/whoami', function (req, res) {

        var AccessToken = server.models.AccessToken;
        AccessToken.findForRequest(req, {}, function (aux, accesstoken) {
            if (accesstoken == undefined) {
                    'Error': 'Unauthorized',
                    'Message': 'You need to be authenticated to access this endpoint'
            else {
                var UserModel = server.models.User;
                UserModel.findById(accesstoken.userId, function (err, user) {



AppJS… Build Cross-Platform Applications

…for desktop using HTML, CSS, Javascript !

It’s still very early stuff, however its interesting to see how a lightweight container like this may develop into something pretty useful, at least the stack of technologies used is entirely aligned with how I would set out to build a lightweight app container…

Why AppJS?

Because it is simple and yet powerful. Using AppJS you don’t need to be worry about coding cross-platform or learning new languages and tools. You are already familiar with HTML, CSS and Javascript. What is better than this stack for application development? Beside, AppJS uses Chromium at the core so you get latest HTML 5 APIs working. So relax and focus on the task your application should do.


AppJS allows you to use HTML 5 APIs to create attractive applications from Word Processors to 3D Games. You are no longer limited to default GUI widgets that plaforms force you to use. Creating custom UIs is now only limited to your imagination!


Using CSS you can decorate widgets as you like. Create a custom widget in HTML and complete your work with decorating it. Adding shadows, animating elements and transforming objects in 3D space are a few examples of what you can do with CSS 3.


The interesting part of AppJS is that it uses Node.js as the backbone. Node.js has been built to ease the process of developing scalable network applications. But today, you can see Node nearly everywhere! It has a nice API and lots of modules.

Check it out…

Introducing NPM…and a couple of comments

npm is a package manager for node. You can use it to install and publish your node programs. It manages dependencies and does other cool stuff.

Check it out…

However, there are a few comments I would like to attach, and that is e.g. for the installation…

It states on the npm website, that you can execute a one-line install using cURL by entering the following cURL command…

curl | sh

However, if you attempt to do this without using SUDO, you might end up with the following error…

Error: EACCES, Permission denied ‘/usr/bin/npm’

So, to make life easier for yourself, add SUDO to the SH part of the cURL command, so it looks like this, and you will be fine…

curl | sudo  sh

Secondly,  In mac OSX 10.7 compilation fails if you use “make -j n” command , you can use “make”.
Also, if you get some complaints that make command is not found, its probably because xCode (or another make tool) isn’t installed, easiest way around that is to simply install xCode from AppStore…