Express JS Router Middleware Abstraction

Question

I have developed an API using Node.js + Express JS and i use token-based authentication.

I used two differents routers in this api, userRoute (/USER) and postRoute (/POST). The postRoute can be used within authentication but userRoute needs the token.

To solve that i use a router middleware for userRoute but it interferes with portRoute

This is the code:

...

var postRoute = express.Router();
var userRoute = express.Router();


// Route middleware to verify a token
userRoute.use(function(req, res, next) {
    security.checkToken(req,res, next);
});


userRoute.route('/users') 
    .get(userCtrl.findAllUsers)
    .post(userCtrl.addUser);


postRoute.route('/posts') 
    .get(userCtrl.findAllPosts)
    .post(userCtrl.addPost);


app.use(userRoute);
app.use(postRoute);

...

If i try to access '/posts' the servers checks the token and does not let me in. I know if i change the order of app.use it works, but i dont understand why works in this way if i am using "Router Middleware".

Someone knows?

score 1 · Accepted Answer · answered Oct 26 '16 at 14:06

1

This happens because if the express router implementation, you will be able to understand it quite easily if you have a look at it. Here is the path: node_modules/express/lib/router/index.js. Every time that you call the Router(), like in your case

var postRoute = express.Router();
var userRoute = express.Router();

this function will be invoked:

var proto = module.exports = function(options) { ... }

and it is true that there is a different router instance that is being returned every time. The difference is in the way that the use is registering the middlewares. As you see the use it is registered against the proto.use

proto.use = function use(fn) { ... }

this means that the middleware that you register there they will be registered for every instance of the router that you define.

answered Oct 26 '16 at 14:06

Stavros Zavrakas

3,045
1
17
30

Thanks for your answer. But the theory says that should happens when register an application middleware 'app.use(...)' but not when use router middleware 'yourRoute.use(...)'. If not, which is the difference between app middleware and router middleware? – WikiCode Oct 26 '16 at 15:18
@WikiCode Again if you check the source code `node_modules/express/lib/express.js` line 42 is this: `mixin(app, proto, false);` From what I understand app inherits what route defines. If you want to register a middleware specifically to a route you can do something like that: `app.use('/users', function(req, res, next) { security.checkToken(req,res, next); });` You can have a look here as well: http://stackoverflow.com/questions/28305120/differences-between-express-router-and-app-get – Stavros Zavrakas Oct 26 '16 at 15:26
@WikiCode maybe I'm wrong about it! I got confused with the var names. I' ll come back in a bit. – Stavros Zavrakas Oct 26 '16 at 15:30
@WikiCode The app inherits from the router. There is a comment in the source code as well: `Proxy Router#use() to add middleware to the app router. See Router#use() documentation for details.` – Stavros Zavrakas Oct 26 '16 at 23:39
Thank you, i see. I had a different concept of Routers in Express. – WikiCode Oct 27 '16 at 11:32

Express JS Router Middleware Abstraction

1 Answers1