Create @Authorized decorator

[snajima]

• Separate what @CurrentUser and @Authorized does
  • @CurrentUser returns a UserModel if it exists, undefined otherwise
  • @Authorized does nothing if user is authorized, returns an Unauthorized exception otherwise
    • @Authorized follows this: https://github.com/typestack/routing-controllers#authorized-decorator
  • Potentially make an @OptionalAuthorized middleware as well

[mateow99]

the reason for forced unwrapping is for a method like getSavedPostsByUserId. @ currentUser is used but we need the userId to then leftJoin the saved column, which means the user we get will not be undefined, even though type inference says it might be. This is a case where we want to force unwrap the UserModel. Addressing this issue does not seem to address the need for the forced unwrapping of a (UserModel | undefined) type