Static server - restrict some paths? #349

Closed
diversario opened this Issue Aug 18, 2011 · 4 comments

Comments

Projects
None yet
2 participants

I'm trying to filter requests based on session status before they are fulfilled by the static server. Basically, I don't want unauthenticated users to be able to load pages other than index.html. Is this possible?

Member

tj commented Aug 18, 2011

yeah sure just add a middleware that looks at the path, and if the req.session.user or whatever is not there then respond in some way

Like this:

app
  .use(myFilteringMiddleware)
  .use(express.static(publicdir + '/public', { maxAge : 864000000 }));

?

Member

tj commented Aug 19, 2011

yeah

Cool, this works:

exports.reqFilter = function(domain, param, value){
  return function reqFilter(req, res, next){
    if (req.headers.host === domain){
      /** do not filter requests for resources other than pages **/
      if (req.session[param] !== value && /.+\.html$/.test(req.url.toLowerCase())){
        req.url = ('/' + domain + '/index.html');
        next();
      } else  
        next();
    } else {
      /** skip middleware if request is not for domain **/
      next();
    }
  }
}

I'm running this behind http-proxy so req.url looks like /domain.com/index.html.

@diversario diversario closed this Aug 19, 2011

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment