Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

JavaScript User Authentication With Express and Mongo Improving the App with Custom Middleware Writing More Middleware

Corey Hayden
Corey Hayden
11,717 Points
Posted by Corey Hayden
Corey Hayden
11,717 Points

Do we need to check for a session AND a userId?

Wouldn't checking for a session.userId be sufficient to check for a logged in status?

1 Answer

Seth Kroger
Seth Kroger
56,413 Points
Seth Kroger
Seth Kroger
56,413 Points

There may or may not be a session, and that needs to be checked for first. If we didn't check and the session didn't exist we'd get an "Uncaught TypeError: Cannot read property 'userId' of undefined", and the server would crash.

Erika Suzuki
Erika Suzuki
20,299 Points
Erika Suzuki
Erika Suzuki
20,299 Points

Wow, thats not nice of node.js

Erika Suzuki
Erika Suzuki
20,299 Points
Erika Suzuki
Erika Suzuki
20,299 Points

But why was this middleware ok?

app.use((req, res, next) => { res.locals.currentUser = req.session.userId; next(); });