Challenge - 5 Problems

🎖️

Middleware Mastery

Get all challenges correct to earn this badge!

Test your skills under time pressure!

❓ component_behavior

intermediate

2:00remaining

What happens when multiple auth middlewares are composed in Express?

Consider two middleware functions authA and authB used in sequence in an Express route. What will happen if authA calls next() without error, but authB sends a response and does not call next()?

Express

const authA = (req, res, next) => { console.log('authA'); next(); };
const authB = (req, res, next) => { console.log('authB'); res.status(401).send('Unauthorized'); };
app.get('/secure', authA, authB, (req, res) => { res.send('Welcome'); });

AAn error is thrown because authB does not call next().

BBoth middlewares run and then the final handler sends 'Welcome'.

CThe response 'Unauthorized' is sent and the final handler is never called.

DThe request hangs because authB neither calls next() nor ends the response.

Attempts:

2 left

📝 Syntax

intermediate

2:00remaining

Which middleware composition syntax correctly applies two auth middlewares in Express?

Given two middleware functions auth1 and auth2, which option correctly applies both to a route /dashboard so that auth1 runs before auth2?

Aapp.get('/dashboard', auth1 && auth2, (req, res) => { res.send('Dashboard'); });

Bapp.get('/dashboard', auth1, auth2, (req, res) => { res.send('Dashboard'); });

Capp.get('/dashboard', [auth2, auth1], (req, res) => { res.send('Dashboard'); });

Dapp.get('/dashboard', auth1 || auth2, (req, res) => { res.send('Dashboard'); });

Attempts:

2 left

🔧 Debug

advanced

2:00remaining

Why does this composed auth middleware cause the request to hang?

Examine the following middleware composition. Why does the request to /profile never complete?

Express

const checkToken = (req, res, next) => { if (!req.headers.token) { res.status(401).send('No token'); } else { next(); } };
const verifyUser = (req, res, next) => { if (req.headers.token === 'valid') { next(); } else { res.status(401).send('Invalid token'); } };
app.get('/profile', checkToken, verifyUser, (req, res) => { res.send('User Profile'); });

ABecause verifyUser does not call next() or send a response when token is invalid, causing the request to hang.

BBecause checkToken sends a response and calls next(), causing double responses.

CBecause the route handler is missing a response call.

DBecause the middleware functions are in the wrong order.

Attempts:

2 left

❓ state_output

advanced

2:00remaining

What is the value of req.user after this middleware composition?

Given these two middlewares, what will be the value of req.user in the final handler?

Express

const authA = (req, res, next) => { req.user = { id: 1, role: 'user' }; next(); };
const authB = (req, res, next) => { if (req.user.role === 'user') { req.user.permissions = ['read']; } next(); };
app.get('/data', authA, authB, (req, res) => { res.json(req.user); });

A{"id":1,"role":"user","permissions":["read"]}

B{"id":1,"role":"user"}

Cundefined

D{"permissions":["read"]}

Attempts:

2 left

🧠 Conceptual

expert

2:00remaining

Which statement best describes middleware composition for layered authentication in Express?

When building layered authentication with multiple middleware functions in Express, which statement is true about their composition and execution?

AMiddleware functions can only be composed using arrays, not as separate arguments.

BMiddleware functions run in parallel and the first to send a response ends the request.

CMiddleware functions automatically merge their results into a single object passed to the final handler.

DMiddleware functions run in the order they are declared; each must call next() to pass control, or send a response to end the chain.

Attempts:

2 left