Example doesn't protect static routes with passport

jaredhanson / passport-http

HTTP Basic and Digest authentication strategies for Passport and Node.js.

https://www.passportjs.org/packages/passport-http/?utm_source=github&utm_medium=referral&utm_campaign=passport-http&utm_content=about

MIT License

268 stars 110 forks source link

Example doesn't protect static routes with passport #2

Closed PherricOxide closed 12 years ago

PherricOxide commented 12 years ago

This probably isn't a bug, but I want everything on the server to be password protected with basic HTTP authentication. This includes files under the express.static() folder. In the example code provided, none of the static files trigger the passport authentication. How would one do this?

jaredhanson commented 12 years ago

This would be accomplished by using passport.authenticate() as app-level middleware (rather than on specific routes), like so:

app.configure(function() {
  app.use(express.logger());
  app.use(passport.initialize());
  app.use(passport.authenticate('basic'));
  app.use(app.router);
  app.use(express.static(__dirname + '/public'));
});