Below the Radar
Reputation: 7635
Express4.js - route only if there is an active passport.js session
I am using passport.js and express4.js. I would like to know if there is an automatic way to verify if the client as opened a session with passport.js when he try to access a view?
Actually I am doing like this to verify if the client can access an url:
router.get('/[0-9]{3}/', function(req, res, next){
var path_codecs = req.originalUrl.split('/')[2];
if (!req.user) {
res.redirect('/login');
}
if (req.user.dataValues.codecs !== path_codecs) {
next();
}
res.render('decoupage')
});
Do I have to do this verification at each view I want to restrict to session user or is there a more automatic way to define what views can be accessed and not?
Upvotes: 0
Views: 39
Answers (1)
Nick Tomlin
Reputation: 29261
You can use req.user (which Passport will set after a successful authentication).
I usually use this in a thin middleware like so:
function isAuthenticatedMiddleware (req, res, next) {
if (req.user) { return next(); }
next('AuthenticationError');
}
router.get('/[0-9]{3}/', isAuthenticatedMiddleware, function(req, res, next){
You can easily add this to all routes on a router with express's router.all
router.all('*', isAuthenticatedMiddleware);
Upvotes: 3
Related Questions
- How to know if user is logged in with passport.js?
- How to check Passport isAuthenticated on express.Router()
- Node.js check if another user is logged in
- Checking if a user is logged in with PassportJS / ExpressJS
- How to use passport to check user auth on certain route in Express
- Node.js: Passport, checking if the user had already logged in
- Express: Using Passport to authenticate using a session
- maintaining session on different routes
- How can I manage sessions with Passport JS for some routes using express?
- PassportJS how to check if user is logged in?