I am trying to learn how to use stormpath with express. I have a fullstack angular/node project that I generated with yeoman and the angular-fullstack generator. I got login, register and forgot password to work. But when I want to add a restriction on one of my routes so it only works for logged in users, it won't let anyone pass.
I initialise stormpath in my app.js on the server like this:
var stormpath = require('express-stormpath');
app.use(stormpath.init(app, {
apiKeyId: 'XXXXXXXXXXXXXXXXXXX',
apiKeySecret: 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX',
application: 'https://api.stormpath.com/v1/applications/XXXXXXXXXXXXXXXXXXX',
secretKey: 'XXXXXXXXXXXXXXXXXXX',
expandCustomData: true,
enableForgotPassword: true
}));
My route in my api index.js file looks like this:
var express = require('express');
var stormpath = require('express-stormpath');
var router = express.Router();
router.post('/:id/vote', stormpath.loginRequired, function(req, res){
console.log("User clicked vote button!");
console.log("User e-mail: "+res.user.email);
});
And the problem I am experiencing is that when I call the post route, I get no logs at all. I am logged in on the site but it seems it doesn't let me access the route. If I remove stormpath.loginRequired, then it works, but then I am missing the user data.
Thank you for the help!
The express-stormpath module isn't yet designed for use with single-page applications like Angular. We have a seperate (beta!) module which is designed for Angular: stormpath-sdk-express
We have a detailed guide which explains how to use that module with Angular:
https://docs.stormpath.com/angularjs/guide/
Note: we are actively working on combining these modules, so there will be a future release where we combine all the features into one.
Hope this helps!