Sometimes you just need to protect a specific route (from being crawled, for an admin resource, the perception of security, etc.). With Express.js it’s extremely easy to drop in Connect’s basicAuth middleware (in CoffeeScript):
This will protect the root route (and only the root route) with the username and password from line 4.
"But what if I don’t have
super_secret_stuff, and I just want to protect static content?” No big deal. Use
basicAuth in conjunction with the static middleware: