Route Middleware to Check if a User is Authenticated in Node.js

Chris Sevilleja

Route middleware is an extremely powerful tool in Node.js and Express. As an example of how powerful Express's route middleware can be, the awesome Passport.js that handles authentication is a route middleware tool.

Also the other big players you usually use like bodyParser and methodOverride are also considered route middleware.

We'll be looking at a quick way to make sure your users are authenticated before they visit parts of your application.

Our Route



module.exports = function(app) {

    app.get('/hello', function(req, res) {
        res.send('look at me!');
    });

};


Route Middleware Function



...

function isAuthenticated(req, res, next) {

    // do any checks you want to in here

    // CHECK THE USER STORED IN SESSION FOR A CUSTOM VARIABLE
    // you can do this however you want with whatever variables you set up
    if (req.user.authenticated)
        return next();

    // IF A USER ISN'T LOGGED IN, THEN REDIRECT THEM SOMEWHERE
    res.redirect('/');
}


Implementing the Middleware

<

p>Now that we have our function to check if our user is logged in or authenticated, we'll just apply it to our route.



module.exports = function(app) {

    app.get('/hello', isAuthenticated, function(req, res) {
        res.send('look at me!');
    });

};


While this is a simple example, you can see how you can create any function to do checks to see if your user is authenticated, a certain administrator level, or anything else your app needs.

Chris Sevilleja

155 posts

Co-founder of Scotch.io. Slapping the keyboard until something good happens.