How do I make sure that a user has the right to delete something when making a delete route

Question

I'm currently writing code using express and MongoDB as my data base. I am storing resumes that the user has inputed, and am currently writing the delete route. My question is, how do I do make sure that the user has the right to delete this specific resume? My current code is this:

// Delete Resume endpoint
router.delete('/:id', (req: Request, res: Response) => {
    const { id } = req.params;

    ResumeModel.findByIdAndDelete(id)
        .then(resume => {
            if(!resume){
                return res.status(404).json({error: 'Resume not found' });
            }
            return res.status(204);
        })
        .catch(err => {
            return res.status(500).json({ error: err });
        });

        return;
});