Not working

[george-norris-salesforce]

csrf.unless = unless;
const csrf = require('csurf');

then add it to middleware...

....
csrf({
    cookie: true
  }).unless({
    path: [router.get('auth')]
  }),
...

results in ....
unless is not a function

another example...

handleExpiredTokens.unless({
path: [{
url: '/foo',
methods: ['POST']
}]
});
function handleExpiredTokens(err, req, res, next) {
// stuff
}

handleExpiredTokens.unless = unless;

module.exports = handleExpiredTokens;
handleExpiredTokens runs on every request including POST /foo

[jfromaniello]

The problem is that you are adding unless to the function that returns the middleware instead of the middleware itself. With these type of middlewares you can do something like this:

const CSURF = require('csurf');
const csurf = CSURF({
  cookie: true
});
csrf.unless = unless;


//then
app.use(csrf.unless({
  path: [router.get('auth')]
}))

[ysageev]

Same problem.

@jfromaniello I don't understand your solution.

const unless = require("express-unless")

function checkAuth(req, res, next) {
   if (req.session.userName) {
      if (req.session.userName) res.locals.userName = req.session.userName
      return next()
   }
   res.status(200).json({ message: "NOT_AUTHENTICATED" })
}

checkAuth.unless = unless

app.use(checkAuth.unless({ path: ["/auth/login"] }))

Error:

TypeError: checkAuth.unless is not a function

Code worked fine in 1.0.0

[jfromaniello]

@ysageev this is a very old comment for v1.0.0... Its a named export in v2.

You need to change to code to do:

const { unless } = require("express-unless")

Please let me know if that works.

[ysageev]

Thanks. Perfect. Sorry for posting to an old thread.