Authenticating requests
The main part of our application is our user dashboard, where our user will be able to create giftlists. Previously, we would access a user's dashboard by passing the user id in the dashboard URL. Obviously, there is no authentication here, and it's not a secure way of doing it.
Now we want users to log in before viewing only their own dashboard. If they go to the dashboard URL directly, they should be redirected to a login page.
We are going to handle this in stereotypical Express fashion by writing a piece of middleware to handle adding authentication for routes.
Adding authentication-check middleware
Passport gives us in-session access to check if a user is currently authenticated. We can use this to easily protect whole ...
Get Mastering JavaScript Single Page Application Development now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
