express, sapper, polka authentication idea

src-middleware-authenticated.js

/*

+ assuming you're using cookie-session or similar session

usage:
import authenticated from "./middleware/authenticated.js"
server.use(authenticated)

*/

// ➕ add more routes as needed
const privateRoutes = [
  "/dashboard",
  "/account"
];

// ↪️ where to redirect to login
const loginRoute = "/login";

export default function authenticated(req, res, next) {
  const { url, session } = req;
  let privateRouteFound = false;
  
  // [].some is like for each but you can stop it
  const privateRouteFound = privateRoutes.some(function(privateRoute) {
    if (url.toLowerCase().startsWith(privateRoute.toLowerCase()) === true) {
      // found, stop `some` loop
      return true;
    }

    // not found, keep looping and searching
    return false;
  });

  if (privateRouteFound === true) {
    if (
      // session is blank
      session === undefined ||
      session === null ||
      // or they aren't logged in yet
      session.loggedIn === false
    ) {
      // 🛡shall not pass
      return res.redirect(loginRoute);
    }
  }

  // ✅ should be okay
  next();
}