I'm implementing a RESTful API with Express in Node, and I'm new to both. I'd like to use basic authentication to control access.
I would like to apply it using something like a whitelist but I'm not sure how to do that.
Blacklisting is easy, I can just pepper my #VERB calls with the second argument:app.get('/', asyncAuth, requestHandler);
I can take that even further and blacklist everything with:app.all('*', asyncAuth, requestHandler);
But I want to apply my basicAuth to every single route, except for POST /users . Is there an elegant way to do that? Can I use the 'blacklist' approach then selectively remove it from the routes I'd like? I couldn't figure out how.