如何用护照保护快递中的静态文件夹 [英] How to protect static folder in express with passport

问题描述

我有一个基于快递的项目，并具有基于护照的必要身份验证.

I have a project based on express with a required authentication based on passport.

后台是作为静态文件提供的angularjs应用.

The backoffice is an angularjs app served as static files.

我的身份验证代码完全基于

My authentication code is completly based on https://github.com/jaredhanson/passport-local/blob/master/examples/express3-no-connect-flash/app.js

如果您未通过身份验证，则不提供Angular应用程序.我尝试通过在/admin路由上添加sureAuthenticated来尝试，但它使路由无法正常工作(404).一旦删除，请确保已提供/admin的服务.

To do not serve the angular app if you are not authenticated. I have try by adding ensureAuthenticated on the /admin route but it make the route not working (404). Once I remove ensureAuthenticated the /admin is served.

app.use(express.static(path.join(__dirname, 'public')));
app.use('/admin', ensureAuthenticated, express.static(path.join(__dirname, 'admin')));
//serve routes
app.use(app.router);

公用文件夹包含登录页面.

The public folder contains the login page.

我怎么能做到这一点?

推荐答案

您可以使用中间件检查路由，如果它们未登录并进入管理页面，则可以重定向它们，例如(未测试):

You can check the route using middleware and redirect them if they aren't logged in and are hitting admin pages, something like (untested):

app.use(function(req, res, next) {
    if (req.user == null && req.path.indexOf('/admin') === 0)
    {
        res.redirect('/login');
    }
    next(); 
});

这篇关于如何用护照保护快递中的静态文件夹的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！