Securing your routes

Hello, I was wondering if I would be doing for example a blog app (using Node.js/Express) where the user need to log in - how should I secure the routes like /:username/addNewPost? I would like to use Passport.js for this task and if I would check before the user reach this rout if he is authenticated with the req.isAuthenticated() method, would it be enough? Where I could learn about how to secure my app with Node.js?