Categories
basic-authentication express node.js

Is it possible to apply basic authentication / middleware in on routes with a whitelist in Express?

I’m implementing a RESTful API with Express in Node, and I’m new to both. I’d like to use basic authentication to control access.

I would like to apply it using something like a whitelist but I’m not sure how to do that.

Blacklisting is easy, I can just pepper my #VERB calls with the second argument:

app.get('/', asyncAuth, requestHandler);

I can take that even further and blacklist everything with:

app.all('*', asyncAuth, requestHandler);

But I want to apply my basicAuth to every single route, except for POST /users. Is there an elegant way to do that? Can I use the ‘blacklist’ approach then selectively remove it from the routes I’d like? I couldn’t figure out how.