When env=development use middleware to always auth.

api/middleware/alwaysAuthenticatedWhenLocalhost.js

@@ -0,0 +1,6 @@
+const alwaysAuthenticatedWhenLocalhost = (req, res, next) => {
+  req.isAuthenticated = () => true;
+  return next();
+};
+
+module.exports = alwaysAuthenticatedWhenLocalhost;

api/middleware/mustBeAuthenticated.js

@@ -1,10 +1,4 @@
 const mustBeAuthenticated = (req, res, next) => {
-  if (process.env.NODE_ENV == "development") {
-    console.info(`Restricted endpoint ${req.originalUrl}, allowing with environment development.`)
-    req.isAuthenticated = () => true;
-    return next();
-  }
-
   if (!req.isAuthenticated()) {
     return res.status(401).send({
       success: false,

server.js

@@ -39,6 +39,16 @@ const setupHeaders = require(path.join(__dirname, "/api/middleware/setupHeaders"
 app.use(setupCORS);
 app.use(setupHeaders);
 
+if (process.env.NODE_ENV == "development") {
+  console.info(`NODE_ENV=development set, your are now always an authenticated user.`);
+  const alwaysAuthenticatedWhenLocalhost = require(path.join(
+    __dirname,
+    "/api/middleware/alwaysAuthenticatedWhenLocalhost"
+  ));
+
+  app.use(alwaysAuthenticatedWhenLocalhost);
+}
+
 // parse application/json
 app.use(express.json());