Security News
Crates.io Users Targeted by Phishing Emails
The Rust Security Response WG is warning of phishing emails from rustfoundation.dev targeting crates.io users.
By Sarah Gooding - Sep 12, 2025
express-except-middleware
Advanced tools
express-except-middleware
A middleware to conditionally use other middleware on Express servers
README
This library is a middleware you can use to conditionally use other middleware on Express servers.
Usage
Pass a string to do a simple path match. Eg. Calls authMiddleware unless the
request path matches /public:
except(option: string, ...)
import { except } from 'express-except-middleware'
app.use(except('/public', authMiddleware))
You can pass a string with path parameters. Calls authMiddleware unless the
request path matches /public/:id:
app.use(except('/public/:id', authMiddleware))
except(option: MatchObject, ...)
You can pass an object that will match both the method and path. Method is
case insensitive. Eg. Calls authMiddleware unless a GET request was made
to the path /public.
app.use(except({method: 'GET', path: '/public'}), authMiddleware))
except(option: MatchFunction, ...)
Match using a function. Your function will be called with the request and response
objects. You must return a boolean from your function. Eg. Calls
authMiddleware unless the Authorization header is defined on the request.
const checkHeader = (req, res) => {
return req.headers['Authorization'] === undefined
}
app.use(except(checkHeader, authMiddleware))
except(option: AsyncMatchFunction, ...)
Match using a Promise based function that resolves to a boolean. Your function
will be called the request and response objects. You must resolve to a boolean
from your async function. Eg. Calls authMiddleware unless asyncShouldAuthenticate
function asyncCheck(req, res) {
// Do some async operation here
return asyncShouldAuthenticate()
}
app.use(except(asyncCheck, authMiddleware))
except(option: Array<string | MatchObject | MatchFunction>, ...)
Match using an array of options. This is an OR operation. If at least one option
matches the request, then next() is called and the supplied middleware is
not executed. Eg. Calls authMiddleware unless:
- the request path matches
/public - OR the request method is
GETand path matches/foo - OR the request header
Foobaris undefined - OR the
checkAsync()function resolves to true
const options = [
'/public',
{ method: 'GET', path: '/foo' },
function(req, res) {
return req.headers['Foobar'] === undefined
},
function(req, res) {
return checkAsync()
},
]
app.use(except([], authMiddleware)
FAQs
A middleware to conditionally use other middleware on Express servers
We found that express-except-middleware demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 02 Jan 2020
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Custom Pull Request Alert Comment Headers
Socket now lets you customize pull request alert headers, helping security teams share clear guidance right in PRs to speed reviews and reduce back-and-forth.
By André Staltz - Sep 12, 2025
Product
Rust Support Now in Beta
Socket's Rust support is moving to Beta: all users can scan Cargo projects and generate SBOMs, including Cargo.toml-only crates, with Rust-aware supply chain checks.
By Mikola Lysenko, Trevor Norris - Sep 11, 2025