Route Securing Node.JS

Hey there I am attempting to lock down the route /dashboard however when I route it I am not stopped. Any idea on what I’m doing wrong here? Using Node.JS

const express = require('express');

const { auth } = require('express-openid-connect');

const path = require('path');

const { requiresAuth } = require('express-openid-connect');

const app = express();

const config = {

authRequired: false,

auth0Logout: true,

// hidden

};

// auth router attaches /login, /logout, and /callback routes to the baseURL

app.use(auth(config));

// Serve static files under '/FrontEnd' with authentication

app.use('/FrontEnd', requiresAuth(), express.static(path.join(__dirname, '../../FrontEnd')));

// Define routes

app.get('/', (req, res) => {

res.sendFile(path.join(__dirname, '../../FrontEnd/html/index.html'));

});

app.get('/dashboard', requiresAuth(), (req, res) => {

res.sendFile(path.join(__dirname, '../../FrontEnd/html/home.html'));

});

Hey @SavDevv welcome to the community!

Hmm I’m not seeing anything in the code shared that stands out :thinking: Is there any other middleware involved or perhaps something in config that could be causing issues?

If you haven’t already, I definitely recommend pulling down the sample app in order to compare and contrast. I just did some quick testing with the sample app and am unable to reproduce the behavior you’re seeing.

Hey there!
I’ve tested against the sample app however nothing is showing up that causes any errors. It just sends me to that restricted page.

const express = require('express');
const { auth } = require('express-openid-connect');
const path = require('path');
const { requiresAuth } = require('express-openid-connect');

const app = express();

const config = {
  authRequired: false,
  auth0Logout: true,
  baseURL: 'http://localhost:3000',
};

// auth router attaches /login, /logout, and /callback routes to the baseURL
app.use(auth(config));

app.use(function (req, res, next) {
  res.locals.user = req.oidc.user;
  next();
});

// Serve static files under '/FrontEnd' with authentication
app.use('/FrontEnd', requiresAuth(), express.static(path.join(__dirname, '../../FrontEnd')));

// Define routes
app.get('/', (req, res) => {
  res.sendFile(path.join(__dirname, '../../FrontEnd/html/index.html'));
});

app.get('/dashboard',requiresAuth(), function (req, res, next) {
  res.sendFile(path.join(__dirname, '../../FrontEnd/html/home.html'),{
    userProfile: JSON.stringify(req.oidc.user, null, 2),
    title: 'Profile page'
  });
});

const port = 3000;
app.listen(port, () => {
  console.log(`Server running at http://localhost:${port}/`);
});

On further investigation this functions:

app.get('/dashboard',requiresAuth(), function (req, res, next) {
  res.sendFile(path.join(__dirname, '../../FrontEnd/html/home.html'), {
    userProfile: JSON.stringify(req.oidc?.user, null, 2),
    title: 'Profile page'
  });
});

However when attempting to log in it wont let me access the route.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.