express-authfilter

A simple node auth filter middleware for express.

authfilter

A simple auth filter middleware for express.

// ... whip up an express app 
 
// create an auth filter 
var filter = require('authfilter').create({
    // private zone, true for white list mode 
    deny: true,
    // public zone 
    allow: [
        '/public'
    ],
    // check user login state 
    checkfunction (reqres) {
        return Boolean(req.session.user);
    },
    // login method 
    loginfunction (reqres) {
        res.rediect('/login');
    }
});
 
app.use(filter);
 
app.get('/login', function (resres) {
    res.session.user = 'pw';
});
 
app.get('/public', function (reqres) {
    res.send('you are in public zone');
});
 
app.get('/private', function (reqres) {
    res.send('you are in private zone');
});

Return an auth filter middleware for express/connect.

  • options.allow [String|RegExp]
  • Define an url list which allow user visit without auth check. Set to true to enable whitelist mode.
  • options.deny [String|RegExp]
  • Define an url list which allow user visit with auth check. Set to true to enable blacklist mode.

In white list mode, auth filter will give green light to all urls expect match in option.deny list, black list mode's behavior is the opposite.

MIT