Route Middleware to Check if a User is Authenticated in Node.js

Chris Sevilleja
👁️ 68,152 views
💬 comments

Route middleware is an extremely powerful tool in Node.js and Express. As an example of how powerful Express's route middleware can be, the awesome Passport.js that handles authentication is a route middleware tool.

Also the other big players you usually use like bodyParser and methodOverride are also considered route middleware.

We'll be looking at a quick way to make sure your users are authenticated before they visit parts of your application.

Table of Contents

    Our Route

    
    app.get('/hello', function(req, res) {
        res.send('look at me!');
    });
    
    

    Route Middleware Function

    
    ...
    
    function isAuthenticated(req, res, next) {
      // do any checks you want to in here
    
      // CHECK THE USER STORED IN SESSION FOR A CUSTOM VARIABLE
      // you can do this however you want with whatever variables you set up
      if (req.user.authenticated)
          return next();
    
      // IF A USER ISN'T LOGGED IN, THEN REDIRECT THEM SOMEWHERE
      res.redirect('/');
    }
    
    
    

    Implementing the Middleware

    Now that we have our function to check if our user is logged in or authenticated, we'll just apply it to our route.

        
    app.get('/hello', isAuthenticated, function(req, res) {
      res.send('look at me!');
    });
    
    

    While this is a simple example, you can see how you can create any function to do checks to see if your user is authenticated, a certain administrator level, or anything else your app needs.

    Chris Sevilleja

    173 posts

    Founder of Scotch.io. Google Developer Expert in Web Technologies. Slapping the keyboard until something good happens.