Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- const express = require('express')
- , app = express();
- // route without protection
- app.get('/', (req, res) => {
- res.send('hi')
- })
- app.get('/login', (req, res) => {
- // obviously, you would have some kind of validation of user here before assigning/creating req.session.user
- req.session.user = 'foo';
- res.redirect('/protected');
- })
- // route with protection
- app.get('/protected',
- , (req, res, next) => {
- // once you incorporate express-session middleware, req.session can be used.
- if(req.session.user) {
- next()
- }
- }
- , (req, res) => {
- res.send('protected')
- })
- app.listen(3000, console.log('listening...'))
Add Comment
Please, Sign In to add comment
