2
const auth = require("./api/middleware/check-auth.interceptor");
app.use("/images/cars", auth, express.static("images/cars"));
app.use("/images/repairs", express.static("images/repairs"));

I'm designing an admin panel, only the admin needs to access the image folder by the frontend. With the CheckAuth interceptor, I can protect other http requests from outside access. However, this method was not successful in the image folder

Ali Parlatti
  • 47
  • 1
  • 7
  • Don't use static. static is just that. static. You want to have a controller that serves the file up with middleware that checks access. I usually put everything like images and media files in `./data` not `./static` and serve it up with a route and some perm checks – chovy Nov 02 '22 at 07:52
  • Can you share an example route structure? – Ali Parlatti Nov 02 '22 at 08:18
  • I couldn't find any results, the problem still persists – Ali Parlatti Nov 18 '22 at 20:29
  • While uploading the images, the control is already done, the images I want go through security when requested by the frontend. @chovy – Ali Parlatti Nov 20 '22 at 14:56

0 Answers0