When doing role based access control/user access control on nodejs/expressjs web application do I just create a middleware and use the if statement in the middleware to chec
