I'm using node with express and passportjs to restrict access to files located in a private folder. I have reduced my code to the following. Everything in the public static folder works great but route targeting the private folder through the use of the staticMiddleware returns 404 errors.
var express = require('express')
, util = require('util');
var app = express.createServer();
var staticMiddleware = express.static(__dirname + '/private');
app.configure(function() {
app.use(app.router);
app.use(express.logger('dev'));
app.use('/public',express.static(__dirname + '/public'));
});
app.get('/private/:file', function(req, res, next){
console.log('about to send restricted file '+ req.params.file);
staticMiddleware(req, res, next);
});
app.listen(16000);
I was using the following references that seems to work for others, so I must be missing something. It won't work for me showing only 404 responses for the content located in the private area.
Node.js module-specific static resources
NodeJS won't serve static files, even when using express.static
Redirecting to a static file in express.js
I could have sworn I had this working before, maybe it was broken in a new version of something.
- Node v0.8.1
- npm 1.1.12
- express@2.5.11
- connect@1.9.2
sheesh staring at me the whole time
app.get('/private/:file', function(req, res, next){
console.log('about to send restricted file '+ req.params.file);
req.url = req.url.replace(/^\/private/, '')
staticMiddleware(req, res, next);
});
Edit 11-29-2014
So after someone posted to the question I came back to this answer to find that even though I mention passportjs I never showed how I ended up using this function.
var staticMiddlewarePrivate = express['static'](__dirname + '/private');
app.get('/private/*/:file', auth.ensureAuthenticated, function(req, res, next){
console.log('**** Private ****');
req.url = req.url.replace(/^\/private/, '');
staticMiddlewarePrivate(req, res, next);
});
You can also add express.static(__dirname + '/private'); to your app.config.
app.configure(function() {
app.use(app.router);
app.use(express.logger('dev'));
app.use('/public',express.static(__dirname + '/public'));
app.use('/private',express.static(__dirname + '/private'));
});
The private path middleware would be executed anytime a path began with private.
来源:https://stackoverflow.com/questions/11473399/using-express-static-middleware-in-an-authorized-route