Reputation: 435
Restrict Express session middleware to certain routes
I'm using Express to build a web site. I'm serving static files and have a REST API. For the static files I'm using the session middleware to restrict certain pages to logged in users. The downside to this is that the REST API has cookies in the HTTP header. Can I restrict certain routes to not use cookies? Is this what the mount function is for?
Upvotes: 0
Views: 1377
Answers (1)
Reputation: 15003
Well, if you're setting or requiring cookies, you must be using some sort of middleware function to do so (since there's nothing in Express per se that would do it). If you wrote the middleware function yourself, you just need to rewrite it to be a little more picky about when to set/require cookies. If you're using a pre-written middleware function, try putting it later in the stack than any route functions that shouldn't be requiring cookies (this will generally mean putting app.use(express.router); ahead of any app.use(...) call that invokes a cookie-dependent middleware function).
If this doesn't make sense to you, please post what you're doing (after stripping it down to a minimal test case).
Upvotes: 2
Related Questions
- Express Session Middleware
- Use specific middleware in Express for all paths except a specific one
- Express Set Session for Specific Routes
- Using Express.JS middleware on only some routes
- Express.js add middleware to only one special route
- How to pass middleware to specified routes in express node.js
- Express.js require session to access particular routes
- How can I use Node.js Express-session inside a conditional middleware?
- NodeJS + Express - Apply session middleware to some routes