Painless Node.js Authentication
Learn how to implement secure authentication for your Node.js applications.
Major Ocelot
Is there a way to avoid passing the middleware as a parameter, such that the middleware is always called for authenticated routes? but not passed in for every route?
Matt Raible
Yes. Try this:
const app = express();
const publicRoutes = express.Router();
// add public routes here
// publicRoutes.get(’/home’, …)
app.use(publicRoutes);
const privateRoutes = express.Router();
privateRoutes.use(oidc.ensureAuthenticated());
// add private routes here
// privateRoutes.get(’/account’, …)
app.use(privateRoutes);
app.listen(…);