Express NYMag User
Volunteering user information for internal use. This is not authentication; It just looks for a plain-text, unsigned cookie that contains a username and LDAP groups.
All authorization logic is encapsulated in the implementation of isProtected.
NOTE: Use with care. It's the same as user's volunteering their own username, and is not auth. Temporary until OAuth.
If redirect_to does not retun valid url (e.g. if host is not defined) and the request should be blocked, the middleware protects via 403.
const express =app =expressNYMagUser =authServer = '';app;
npm install --save @nymdev/express-nymag-auth