I will need protected routes in my application to prevent security breaches. For example, if a store owner tries navigating to 'http://mysite/dashboard', it shouldn't let them see any content without being the owner of that store. If they aren't logged in or aren't the store owner, it should redirect them to the login page.
How?
I'll be using a package called connect-ensure-login. It can be used as middleware to perform checks on if a user is logged in before taking them to a specific part of the application. Here's an example of usage.
I will need protected routes in my application to prevent security breaches. For example, if a store owner tries navigating to 'http://mysite/dashboard', it shouldn't let them see any content without being the owner of that store. If they aren't logged in or aren't the store owner, it should redirect them to the login page.
How?
I'll be using a package called connect-ensure-login. It can be used as middleware to perform checks on if a user is logged in before taking them to a specific part of the application. Here's an example of usage.
router.get('/dashboard', protect(), dashController.getDashboard)