express: move authentication middleware earlier

Otherwise, it doesn't apply to views.
vincentbernat · Feb 10, 2017 · d9f4a16 · d9f4a16
1 parent 5719649
commit d9f4a16
Showing 1 changed file with 12 additions and 11 deletions.
diff --git a/lib/express.js b/lib/express.js
@@ -37,6 +37,18 @@ if (config.get('forcessl')) {
 logger.express.access(app);
 logger.express.error(app);
 
+// Authentication
+if (config.get('auth:enabled')) {
+  var basic = auth.basic({
+    realm: config.get('auth:realm')
+  }, function(username, password, callback) {
+    // Custom authentication method.
+    callback(username === config.get('auth:username') &&
+             password === config.get('auth:password'));
+  });
+  app.use(auth.connect(basic));
+}
+
 // Asset handling
 var assets = {};
 try {
@@ -88,17 +100,6 @@ app.get('/receiver-:grade', function(req, res) {
 app.use(expressStatic(config.get('path:static'), { extensions: ['html'] }));
 app.use(methodOverride());
 
-if (config.get('auth:enabled')) {
-  var basic = auth.basic({
-    realm: config.get('auth:realm')
-  }, function(username, password, callback) {
-    // Custom authentication method.
-    callback(username === config.get('auth:username') &&
-             password === config.get('auth:password'));
-  });
-  app.use(auth.connect(basic));
-}
-
 if (app.get('env') === 'development') {
   app.set('view cache', false);
   app.use(expressErrorHandler());