deitch / cansecurity

nodejs/expressjs authentication and security library
MIT License

Express.static() should be authorized #21

Closed ProgramCpp closed 7 years ago

ProgramCpp commented 7 years ago

Express can be used to serve static files like so: app.use(express.static('public'))

Is it possible to authorize access to the assets? What would be the route?

deitch commented 7 years ago

Wrap it in middleware. There are some good answers on stackoverflow, e.g. https://stackoverflow.com/questions/11473399/using-express-static-middleware-in-an-authorized-route and https://stackoverflow.com/questions/21335868/how-to-protect-static-folder-in-express-with-passport and https://stackoverflow.com/questions/5683657/restricting-access-to-static-files-in-expressjs

Short form: don't use app.use(express.static('public')). Instead, create middleware that captures those requests and, if authenticated, uses express.static. In the first answer (https://stackoverflow.com/questions/11473399/using-express-static-middleware-in-an-authorized-route) he shows how he used passportjs to do it; same idea.
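The wrapper approach deitch describes, as an added example that is not part of the cansecurity project or of this thread: a middleware that only hands a request to the static-file handler once an authentication check has passed. The `isAuthenticated` hook, the bearer-token check, the sample token and the in-memory stand-in for `express.static('public')` are all assumptions made so the file runs offline without Express; in a real app you would pass the real `express.static(...)` handler and a check backed by your session or token middleware.

```javascript
// Added example (not cansecurity's code): gate a static handler behind an
// authentication check so express.static never runs for anonymous requests.

// protectStatic(staticHandler, isAuthenticated) returns Express-style
// middleware. `isAuthenticated(req)` is an assumed hook that should consult
// whatever session/token your auth middleware established earlier.
function protectStatic(staticHandler, isAuthenticated) {
  return function (req, res, next) {
    if (!isAuthenticated(req)) {
      // Deny before the static handler touches the filesystem at all.
      res.statusCode = 401;
      res.setHeader('WWW-Authenticate', 'Bearer');
      res.end('Unauthorized');
      return;
    }
    // Authenticated: delegate to the real static handler unchanged.
    return staticHandler(req, res, next);
  };
}

// Constructed authentication check: accept "Authorization: Bearer <token>"
// when the token is in an in-memory allow-list. Stands in for a session or
// passport/cansecurity check; the token value is a made-up sample.
const VALID_TOKENS = new Set(['demo-token-123']);
function bearerIsValid(req) {
  const header = (req.headers && req.headers.authorization) || '';
  const m = /^Bearer\s+(\S+)$/.exec(header);
  return m !== null && VALID_TOKENS.has(m[1]);
}

// Stub standing in for express.static('public'): a tiny in-memory directory.
// Like express.static, it calls next() when the file does not exist.
const FAKE_PUBLIC = { '/index.html': '<h1>hello</h1>', '/app.js': 'console.log(1)' };
function fakeStatic(req, res, next) {
  const body = FAKE_PUBLIC[req.url];
  if (body === undefined) return next();
  res.statusCode = 200;
  res.end(body);
}

// Minimal response object so the middleware can be driven without a server.
function makeRes() {
  const res = { statusCode: 200, headers: {}, body: null, ended: false };
  res.setHeader = (k, v) => { res.headers[k.toLowerCase()] = v; };
  res.end = (b) => { res.body = b === undefined ? '' : String(b); res.ended = true; };
  return res;
}

// Push one request through the protected handler and report the outcome.
function simulate(url, authorization) {
  const req = { url, headers: authorization ? { authorization } : {} };
  const res = makeRes();
  let fellThrough = false;
  protectStatic(fakeStatic, bearerIsValid)(req, res, () => { fellThrough = true; });
  return { status: res.statusCode, body: res.body, fellThrough };
}

// With a real app the wiring is one line, in place of app.use(express.static('public')):
//   app.use('/public', protectStatic(express.static('public'), bearerIsValid));

if (typeof module !== 'undefined') {
  module.exports = { protectStatic, bearerIsValid, fakeStatic, simulate };
  if (require.main === module) {
    console.log(simulate('/index.html'));                          // 401, nothing served
    console.log(simulate('/index.html', 'Bearer demo-token-123'));  // 200 with the file body
    console.log(simulate('/missing.css', 'Bearer demo-token-123')); // falls through to next()
  }
}
```

Because the check runs before `express.static`, an unauthenticated request never reaches the filesystem, and a missing file for an authenticated user still falls through to `next()` exactly as the unwrapped static handler would.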