1 comment (1 comment)0 reactions (0 reactions)0 assignees (0 assignees)JavaScript4,175 stars (4,175 stars)267 forks (267 forks)batch import
bughelp wanted
Description
I can hit the back button and get back in.
Contributor guide
- Tech stack
- javascriptnodejsexpress
- Domain
- backendsecurity
- Issue type
- feature
- DifficultyEstimated implementation difficulty for a new contributor, from 1 for very small changes to 5 for expert-level work.
- 3
- Estimated timeA rough time range for an experienced contributor to investigate, implement, test, and prepare a pull request.
- 1-3 hours
- Activity statusHow available the issue appears right now: fresh, active, stale, blocked, or waiting on maintainer input.
- stale
- ClarityHow clearly the issue explains the expected change, acceptance criteria, and next step.
- unclear
- Prerequisites
- JavaScript basicsJWT understandingExpress routing
- Newbie friendlinessA 1-100 score estimating how approachable this issue is for first-time contributors.
- 40
- Research direction
- The issue asks whether to add route protection to prevent users from accessing authenticated routes after logout via the back button. The repo is a JWT tutorial; likely the app lacks middleware to check JWT on protected routes. Research the current middleware structure in the repo, especially files like 'server.js' or 'routes.js', and consider adding a check that verifies JWT on each request. Maintainer input is needed on desired behavior (e.g., redirect to login).