Route Middleware to Check if a User is Authenticated in Node.js

Chris Sevilleja
👁️ 57,662 views
💬 comments

Route middleware is an extremely powerful tool in Node.js and Express. As an example of how powerful Express's route middleware can be, the awesome Passport.js that handles authentication is a route middleware tool.

Also the other big players you usually use like bodyParser and methodOverride are also considered route middleware.

We'll be looking at a quick way to make sure your users are authenticated before they visit parts of your application.

Our Route


app.get('/hello', function(req, res) {
    res.send('look at me!');
});

Route Middleware Function


...

function isAuthenticated(req, res, next) {
  // do any checks you want to in here

  // CHECK THE USER STORED IN SESSION FOR A CUSTOM VARIABLE
  // you can do this however you want with whatever variables you set up
  if (req.user.authenticated)
      return next();

  // IF A USER ISN'T LOGGED IN, THEN REDIRECT THEM SOMEWHERE
  res.redirect('/');
}


Implementing the Middleware

Now that we have our function to check if our user is logged in or authenticated, we'll just apply it to our route.

    
app.get('/hello', isAuthenticated, function(req, res) {
  res.send('look at me!');
});

While this is a simple example, you can see how you can create any function to do checks to see if your user is authenticated, a certain administrator level, or anything else your app needs.

Chris Sevilleja

166 posts

Co-founder of Scotch.io. Slapping the keyboard until something good happens.