Came across this in my testing earlier but if you protect a route with stormpath.authenticationRequired, the authentication check will not occur if the express application didn't bring in the cookie-parser middleware via the following:
import express from 'express';
import stormpath from 'express-stormpath'
import cookieParser from 'cookie-parser'
const application = express();
application.use(cookieParser());
application.use(stormpath.init(application, stormpathConfiguration));
// This will always respond with authenticated(well reroute) if cookie-parser wasn't included.
application.get('/myAwesomeRoute', stormpath.authenticationRequired, function(req, res){
res.status(200).json(someAwesomeObject);
}
Proposing to add this to the README.md as a required component right above this section:
9. Protect Your Routes
Open to making a PR if you're comfortable with the addition @robertjd
Came across this in my testing earlier but if you protect a route with
stormpath.authenticationRequired
, the authentication check will not occur if the express application didn't bring in thecookie-parser
middleware via the following:Proposing to add this to the
README.md
as a required component right above this section: 9. Protect Your RoutesOpen to making a PR if you're comfortable with the addition @robertjd
Note: The walkthrough does reference the usage of cookie-parser but it would be good to also include it here in the README. https://stormpath.com/blog/build-app-nodejs-express-passport-stormpath