From 8d47a7444be894b35cf99501c50e9773cb2d3af3 Mon Sep 17 00:00:00 2001
From: juancarmore <juancar_more2@hotmail.com>
Date: Wed, 14 Jan 2026 17:02:09 +0100
Subject: [PATCH] backend: reorder authentication validators for consistency in
 recording and room routes

---
 .../src/middlewares/recording.middleware.ts   |  4 ++--
 .../backend/src/routes/recording.routes.ts    | 20 +++++++++----------
 meet-ce/backend/src/routes/room.routes.ts     | 10 +++++-----
 3 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/meet-ce/backend/src/middlewares/recording.middleware.ts b/meet-ce/backend/src/middlewares/recording.middleware.ts
index 03213a09..f65b5204 100644
--- a/meet-ce/backend/src/middlewares/recording.middleware.ts
+++ b/meet-ce/backend/src/middlewares/recording.middleware.ts
@@ -88,8 +88,8 @@ export const setupRecordingAuthentication = async (req: Request, res: Response,
 	// This will allow API key, registered user and room member token access.
 	const authValidators = [
 		apiKeyValidator,
-		tokenAndRoleValidator(MeetUserRole.ADMIN, MeetUserRole.USER, MeetUserRole.ROOM_MEMBER),
-		roomMemberTokenValidator
+		roomMemberTokenValidator,
+		tokenAndRoleValidator(MeetUserRole.ADMIN, MeetUserRole.USER, MeetUserRole.ROOM_MEMBER)
 	];
 	return withAuth(...authValidators)(req, res, next);
 };
diff --git a/meet-ce/backend/src/routes/recording.routes.ts b/meet-ce/backend/src/routes/recording.routes.ts
index 016f1898..0d893e5a 100644
--- a/meet-ce/backend/src/routes/recording.routes.ts
+++ b/meet-ce/backend/src/routes/recording.routes.ts
@@ -33,8 +33,8 @@ recordingRouter.get(
 	'/',
 	withAuth(
 		apiKeyValidator,
-		tokenAndRoleValidator(MeetUserRole.ADMIN, MeetUserRole.USER, MeetUserRole.ROOM_MEMBER),
-		roomMemberTokenValidator
+		roomMemberTokenValidator,
+		tokenAndRoleValidator(MeetUserRole.ADMIN, MeetUserRole.USER, MeetUserRole.ROOM_MEMBER)
 	),
 	validateGetRecordingsReq,
 	authorizeRecordingAccess('canRetrieveRecordings'),
@@ -44,8 +44,8 @@ recordingRouter.delete(
 	'/',
 	withAuth(
 		apiKeyValidator,
-		tokenAndRoleValidator(MeetUserRole.ADMIN, MeetUserRole.USER, MeetUserRole.ROOM_MEMBER),
-		roomMemberTokenValidator
+		roomMemberTokenValidator,
+		tokenAndRoleValidator(MeetUserRole.ADMIN, MeetUserRole.USER, MeetUserRole.ROOM_MEMBER)
 	),
 	validateBulkDeleteRecordingsReq,
 	authorizeRecordingAccess('canDeleteRecordings'),
@@ -55,8 +55,8 @@ recordingRouter.get(
 	'/download',
 	withAuth(
 		apiKeyValidator,
-		tokenAndRoleValidator(MeetUserRole.ADMIN, MeetUserRole.USER, MeetUserRole.ROOM_MEMBER),
-		roomMemberTokenValidator
+		roomMemberTokenValidator,
+		tokenAndRoleValidator(MeetUserRole.ADMIN, MeetUserRole.USER, MeetUserRole.ROOM_MEMBER)
 	),
 	validateBulkDeleteRecordingsReq,
 	authorizeRecordingAccess('canRetrieveRecordings'),
@@ -73,8 +73,8 @@ recordingRouter.delete(
 	'/:recordingId',
 	withAuth(
 		apiKeyValidator,
-		tokenAndRoleValidator(MeetUserRole.ADMIN, MeetUserRole.USER, MeetUserRole.ROOM_MEMBER),
-		roomMemberTokenValidator
+		roomMemberTokenValidator,
+		tokenAndRoleValidator(MeetUserRole.ADMIN, MeetUserRole.USER, MeetUserRole.ROOM_MEMBER)
 	),
 	withValidRecordingId,
 	authorizeRecordingAccess('canDeleteRecordings'),
@@ -91,8 +91,8 @@ recordingRouter.get(
 	'/:recordingId/url',
 	withAuth(
 		apiKeyValidator,
-		tokenAndRoleValidator(MeetUserRole.ADMIN, MeetUserRole.USER, MeetUserRole.ROOM_MEMBER),
-		roomMemberTokenValidator
+		roomMemberTokenValidator,
+		tokenAndRoleValidator(MeetUserRole.ADMIN, MeetUserRole.USER, MeetUserRole.ROOM_MEMBER)
 	),
 	validateGetRecordingUrlReq,
 	authorizeRecordingAccess('canRetrieveRecordings'),
diff --git a/meet-ce/backend/src/routes/room.routes.ts b/meet-ce/backend/src/routes/room.routes.ts
index 4b06df22..b76e0523 100644
--- a/meet-ce/backend/src/routes/room.routes.ts
+++ b/meet-ce/backend/src/routes/room.routes.ts
@@ -62,8 +62,8 @@ roomRouter.get(
 	'/:roomId',
 	withAuth(
 		apiKeyValidator,
-		tokenAndRoleValidator(MeetUserRole.ADMIN, MeetUserRole.USER, MeetUserRole.ROOM_MEMBER),
-		roomMemberTokenValidator
+		roomMemberTokenValidator,
+		tokenAndRoleValidator(MeetUserRole.ADMIN, MeetUserRole.USER, MeetUserRole.ROOM_MEMBER)
 	),
 	withValidRoomId,
 	authorizeRoomAccess,
@@ -81,8 +81,8 @@ roomRouter.get(
 	'/:roomId/config',
 	withAuth(
 		apiKeyValidator,
-		tokenAndRoleValidator(MeetUserRole.ADMIN, MeetUserRole.USER, MeetUserRole.ROOM_MEMBER),
-		roomMemberTokenValidator
+		roomMemberTokenValidator,
+		tokenAndRoleValidator(MeetUserRole.ADMIN, MeetUserRole.USER, MeetUserRole.ROOM_MEMBER)
 	),
 	withValidRoomId,
 	authorizeRoomAccess,
@@ -150,7 +150,7 @@ roomRouter.delete(
 
 roomRouter.get(
 	'/:roomId/members/:memberId',
-	withAuth(apiKeyValidator, tokenAndRoleValidator(MeetUserRole.ADMIN, MeetUserRole.USER), roomMemberTokenValidator),
+	withAuth(apiKeyValidator, roomMemberTokenValidator, tokenAndRoleValidator(MeetUserRole.ADMIN, MeetUserRole.USER)),
 	withValidRoomId,
 	authorizeRoomMemberAccess,
 	roomMemberCtrl.getRoomMember