From ff01549d905bc5512517f73f77f5546c77c03de6 Mon Sep 17 00:00:00 2001
From: Nils Schiwek <156780590+Nils-Schiwek@users.noreply.github.com>
Date: Fri, 29 Nov 2024 15:04:12 +0100
Subject: [PATCH] Auth explanation request

---
 node.js/authentication.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/node.js/authentication.md b/node.js/authentication.md
index 253b2395c..3360f05cb 100644
--- a/node.js/authentication.md
+++ b/node.js/authentication.md
@@ -18,6 +18,9 @@ uacp: This page is linked from the Help Portal at https://help.sap.com/products/
 [user]: #cds-user
 [`req.user`]: #cds-user
 
+afaik we cannot (or should not) use req.user any more. Instead we use cds.context.user in the middleware now. 
+We need some explanation on the different users here. Today I had to debug and identify an anonymous user. This is not documented yet, so please elaborte here or somewhere else.
+
 Represents the currently logged-in user as filled into [`req.user`](events#user) by authentication middlewares.
 Simply create instances of `cds.User` or of subclasses thereof in custom middlewares.
 For example: