Reputation: 33

Limit acces to users Node.js

I want to limit access to the /secrets route only to users

app.get("/secrets", function(req, res){

  Post.find({}, function(err, posts){
    res.render("secrets", {
         posts: posts
      });
  });
});

I know it should be something like this:

app.get("/secrets", function(req, res){
  if (req.isAuthenticated()){
    res.render("secrets");
  } else {
    res.redirect("/login");
  }
});

But I don't know how to proceed since I already have a callback function.

Upvotes: 1

Answers (3)

Lajos Arpad

Reputation: 76464

The second code you gave is the wrapper, because first you check whether the user is authenticated. If so, then you operate normally and send a POST request to find posts, while if not, then you redirect to login.

app.get("/secrets", function(req, res){
  if (req.isAuthenticated()){
  //start
      Post.find({}, function(err, posts){
          res.render("secrets", {
              posts: posts
          });
      });
  //end
  } else {
    res.redirect("/login");
  }
});

Upvotes: 1

Prakitidev Verma

Reputation: 76

You can use middleware it goes something like this.

app.get("/secrets", secretsPermissionCheck, function(req, res){
  // do your request processing
  }
});

you can write below code in your middleware folder.

module.exports = function secretsPermissionCheck(req, res, next){
        if(!isAuthenticated()) {
            res.redirect("/login")
    }else {
        next();
    }

}

Upvotes: 2

ayal

Reputation: 33

app.get('/secrets', checkAuthentication, function (req, res) {
  Post.find({}, function (err, posts) {
    res.render("secrets", {
      
      posts: posts
    });
  });
});
function checkAuthentication(req, res, next) {
  if (req.isAuthenticated()) {
    

    next();
  } else {
    res.redirect("/login");
  }
}

Upvotes: 0

Limit acces to users Node.js

Answers (3)

Related Questions