Allowing all images from the images folder in the allowedURLs list

I have created an allowedURLs list for users who are not logged in but I have to define every image in the folder if the user is not logged in. Is there a way I can make every file in the images folder allowed for users who are not logged in?

// Access-control middleware from the question: it runs on every request and decides,
// from the session and the requested URL, whether to call next() or redirect.
app.use((req, res, next) => {
    // console.log(req.session.user)
    // `!= null` is false only for null/undefined, so any other session.user value counts as logged in.
    let userLoggedIn = req.session.user !=null
    // URLs a guest (no session user) may request. Further down, each entry is compared
    // with exact string equality against req.originalUrl.
    let allowedURLs = [
        '/html/login.html',
        '/css/style.css',
        '/js/login.js',
        '/api/users/login',
        '/js/script.js',
        '/html/footer.html',
        '/favicon.ico',
        '/html/home.html',
        '/html/nav.html',
        // duplicate of the '/html/footer.html' entry above
        '/html/footer.html',
     <---- HERE IS MY ISSUE--->
        `/img/logo.jpeg`,
     <--- HERE IS MY ISSUE --->
        '/html/shows.html',
        // NOTE(review): probably meant '/js/shows.js' — confirm
        '/js.shows.js',
        '/api/shows',
    ]

    // URLs reserved for admins. The list is empty here, so the admin check below never redirects.
    let adminOnlyURLS = [
    ]

    if (userLoggedIn) {
        // Logged-in users pass unless the URL is admin-only and they are not an admin.
        // NOTE(review): req.originalUrl keeps the query string, so this exact-match deny
        // check does not fire for an admin-only URL requested with a query string;
        // compare the path part instead.
        if (adminOnlyURLS.includes(req.originalUrl) && req.session.user.accessRights != "admin") {
            res.redirect("/html/home.html");
        } else {
            next()
        }
    } else {
        // Guests: exact match only, so an allow-listed URL with a query string is refused.
        if (allowedURLs.includes(req.originalUrl)) {
            // allow the guest user through
            next()
    } else {
            // not on the allow-list: redirect (the target here is /html/home.html, not the login page)
            res.redirect("/html/home.html")
        }
    }  
})

Between the HERE IS MY ISSUE markers, I need all images to be available to users who are not logged in. This is my app.js file.



Solution 1:[1]

You could change your allowed urls to an array of strings or regexp's

Then the if changes to

        if (allowedURLs
          .some(url => url.test ? url.test(req.originalUrl) : url === req.originalUrl)
        ) {

See full code below

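// Access gate for every request: guests may only fetch allow-listed URLs, and
// signed-in users who are not admins are kept away from admin-only URLs.
app.use((req, res, next) => {
    // req.originalUrl still carries the query string. Decide on the path alone, so an
    // admin-only URL requested with a query string is still caught by the deny list and
    // a public asset such as "/css/style.css?v=2" is still recognised.
    const requestPath = req.originalUrl.split('?')[0];

    // A request without a session is treated as a guest instead of throwing.
    const userLoggedIn = req.session?.user != null;

    // Entries are either exact paths (strings) or RegExps tested against the path.
    const allowedURLs = [
        '/html/login.html',
        '/css/style.css',
        '/js/login.js',
        '/api/users/login',
        '/js/script.js',
        '/html/footer.html',
        '/favicon.ico',
        '/html/home.html',
        '/html/nav.html',
        // Any file below /img/. The pattern is anchored at both ends, accepts only
        // letters, digits, "_", "-", "." and "/", and refuses ".." so the decision does
        // not depend on how later handlers normalise the path. Percent-encoded names
        // (for example spaces) are refused; widen the character class deliberately
        // if the image file names need them.
        /^\/img\/(?!.*\.\.)[\w./-]+$/,
        '/html/shows.html',
        '/js.shows.js', // NOTE(review): probably meant '/js/shows.js' — confirm
        '/api/shows',
    ];

    // NOTE(review): a deny list compared by exact string is fragile. Assuming this is an
    // Express app with default routing settings, routes ignore letter case and a trailing
    // slash, so entries added here should be compared in a normalised form, or the admin
    // check should live on the admin routes themselves.
    const adminOnlyURLS = [];

    // True when the rule (exact string or RegExp) covers the requested path.
    const matchesRequest = (rule) =>
        rule instanceof RegExp ? rule.test(requestPath) : rule === requestPath;

    if (userLoggedIn) {
        const isAdmin = req.session.user.accessRights === 'admin';
        if (!isAdmin && adminOnlyURLS.some(matchesRequest)) {
            res.redirect("/html/home.html");
        } else {
            next();
        }
    } else if (allowedURLs.some(matchesRequest)) {
        // guest requesting a public URL
        next();
    } else {
        // not on the allow-list: redirect (the target is the home page)
        res.redirect("/html/home.html");
    }
});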

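Another possibility is to compile every entry to a RegExp. Note that a pattern without ^ and $ anchors matches anywhere in req.originalUrl, including the query string, so string entries need anchoring and escaping when they are converted: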

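// Guest allow-list compiled to RegExps. String entries become patterns that must match
// the whole input: every regex metacharacter is escaped and the pattern is anchored
// with ^ and $. Without the anchors a pattern would match anywhere in the tested URL,
// including its query string, and the allow-list would cover far more than intended.
// Entries that are already RegExps are used unchanged.
let allowedURLs = [
    '/html/login.html',
    '/css/style.css',
    '/js/login.js',
    '/api/users/login',
    '/js/script.js',
    '/html/footer.html',
    '/favicon.ico',
    '/html/home.html',
    '/html/nav.html',
    // Any file below /img/: anchored at both ends, limited to letters, digits,
    // "_", "-", "." and "/", and refusing "..". A URL with a query string or
    // percent-encoding does not match; widen the class deliberately if needed.
    /^\/img\/(?!.*\.\.)[\w./-]+$/,
    '/html/shows.html',
    '/js.shows.js', // NOTE(review): probably meant '/js/shows.js' — confirm
    '/api/shows',
].map((entry) => {
    if (entry instanceof RegExp) {
        return entry;
    }
    // Escape everything that has a special meaning inside a RegExp, not only ".".
    const literal = entry.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
    return new RegExp(`^${literal}$`);
});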

then the if can be

if (allowedURLs.some(url => url.test(req.originalUrl))) {

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1