I am using Express 3.4.8 and have set up a handler for all my routes, checking for privileges.
Let's assume that the credentials (which are sent with every request) are invalid. I'd like to respond with a status of 403 in that case.
app.all('*',function(req,res,next){
//req.body contains an object `credentials`
res.send(403);
});
If i do so, req.body will be an empty object. Note that the request is made from an Angular app and is definetly correct.
As soon as i omit the status, everything will work fine. Like that:
app.all('*',function(req,res,next){
res.send('Im not a status code');
});
In that case, req.body will contain the credentials as expected. Remember, the original request is made externally and never touched.
Can anyone reproduce this and has a tip on how to fix it?
This is slowly corroding my inward peace. the whole process makes absolutely no sense at all. If i do a console.log(req.body)
at the very beginning of the logic, thus before the authCheck decides whether or not the credentials are valid, it still fails.