express-unless
express-unless copied to clipboard
jfromaniello
Params in URL
I have an end point at /v1/report using express-jwt to enforce authorization. That end point takes params like this:
router.get('/:type/:email/:date?/', function ...
however, adding the urls to unless after it won't work for that end point. It does work for the other two. My feeling is that it seems to believe that the parameters are, in fact, part of the end point rather than parameters. Is this the case?
app.use(expressJwt({ secret: config.SECRET })
.unless({ path: [ '/v1/auth', '/v1/is-alive', '/v1/report' ] }));
I'm sure this is just a lack of understanding on my part of the unless implementation, but I'm hoping you can assist in figuring out a way to allow for it.
Anything more on this? At the moment, I've given a function to .unless in order to complete this. However, it would be nice to see an official solution?
After further review and digging around I found that regular expressions can be used, which accomplishes what I needed. Given that having parameters in the path is pretty common I'd suggest making the documentation more obvious and up front as currently the main README.md doesn't list that possibility at all.
Love .unless though :)
@alexpchin Just so you have an answer for you... the solution is as so:
.unless({
path: [
/\/v1\/data\/devices-.*\.xml/
] });
This checks for /v1/data/devices-[something].xml
Notice there are NOT quotes around the regex but /.../
Hi, I'm protecting my API by JWT. I tried to protect anything but GET of the list of objects or getting an object by id from my API
app.use(expressJWT({ secret: process.env.AUTH0_CLIENT_SECRET }).unless(
{path:[
{url: '/api/v1/apps', methods: ['GET']},
{ url: [/^\/api\/v1\/apps\/.*/], methods: ['GET'] }
]}));
So calling
GET /api/v1/apps/5803c81d5785b314401d5ad5
results in a 401.
POST, PUT, DELETE works
Any ideas? Many thanks.
Hi, Above regex nor working for me. the path I need call like
/api/:id => /api/fg3434
