Open mzahidriaz opened 8 years ago
i think i m having the same problem, it looks like the auth middleware executes for every request, even if it hasn't got authentication.required()
on that route
i can't see a flag or anything in the request that would let me bypass the auth process if it s not required
could you please drop some hint on what to do?
cheers
I think you may be using express middlewares incorrectly.
If you have done something like this
app.use(session); app.get('/handlers', session.succeeded(), redirect()); app.post('/login', login())
Then both handlers and login will be authenticated based on the order of middlewares registered using app.use()
Either
app.post('/login', login()) app.use(session); app.get('/handlers', session.succeeded(), redirect());
or
app.post('/login', login()) app.use(session); app.get('/handlers', redirect());
will give you the correct result
How can I turn off it to not authenticate certain requests? or more precisely how can I validate some request while ignoring other requests?