Implement an Express.js authentication middleware to protect routes from unauthorized access.

Question

Aryan Kumar · Answer

Sure, here is an example of how you can implement an Express.js authentication middleware to protect routes from unauthorized access:
JavaScript
const express = require('express');
const jwt = require('jsonwebtoken');
const authMiddleware = (req, res, next) => {
  const token = req.headers['authorization'];
  if (!token) {
    return res.status(401).send('Unauthorized');
  }
  try {
    const decodedToken = jwt.decode(token, process.env.JWT_SECRET);
    req.user = decodedToken.user;
  } catch (error) {
    return res.status(401).send('Unauthorized');
  }
  next();
};
module.exports = authMiddleware;
This middleware first checks the authorization header in the request. If the header is not present, the middleware returns a
401 Unauthorized response.
If the header is present, the middleware extracts the token from the header and decodes it using the
jwt library. The decode() method returns an object containing the decoded token, including the user's ID.
The middleware then stores the user's ID in the req.user property. This property can then be accessed by other middleware or routes to check if the user is authorized to access the resource.
Finally, the middleware calls the next() function to continue the request processing.
To use this middleware, you would need to add it to your Express application. For example, you could add it to the
app.use() method:
app.use(authMiddleware);
This would add the middleware to all routes in the application. You could also add the middleware to specific routes by using the
app.route() method:
app.route('/protected').use(authMiddleware);
This would add the middleware to the /protected route only.

forum

Implement an Express.js authentication middleware to protect routes from unauthorized access.

Steilla Mitchel

Can you answer this question?

1 Answers

Liked By