Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Static server - restrict some paths? #349

Closed
diversario opened this Issue · 4 comments

2 participants

@diversario

I'm trying to filter requests based on session status before they are fulfilled by the static server. Basically, I don't want unauthenticated users to be able to load pages other than index.html. Is this possible?

@tj
Owner
tj commented

yeah sure just add a middleware that looks at the path, and if the req.session.user or whatever is not there then respond in some way

@diversario

Like this:

app
  .use(myFilteringMiddleware)
  .use(express.static(publicdir + '/public', { maxAge : 864000000 }));

?

@tj
Owner
tj commented

yeah

@diversario

Cool, this works:

exports.reqFilter = function(domain, param, value){
  return function reqFilter(req, res, next){
    if (req.headers.host === domain){
      /** do not filter requests for resources other than pages **/
      if (req.session[param] !== value && /.+\.html$/.test(req.url.toLowerCase())){
        req.url = ('/' + domain + '/index.html');
        next();
      } else  
        next();
    } else {
      /** skip middleware if request is not for domain **/
      next();
    }
  }
}

I'm running this behind http-proxy so req.url looks like /domain.com/index.html.

@diversario diversario closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.