Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Local passport authorization on different ports

I have a node.js application running on port 5000, where I use passport.js as authorization. I authorize users from a post request, where I use a custom callback:

this.router.post('/member/login', (req, res, next) => {
      passport.authenticate('local', (err, member, info) => {
        if (err) res.json(400).json({message: "An error ocurred"});
        if (!member) {
          console.log("No member found!");
          return res.status(409).json({message: "No member found!"})
        }
        req.logIn(member, (err) => {
          if (err) {
            console.log(err);
            return res.status(400).json({message: "An error ocurred"});
          }
          return res.json(member);
        });
      })(req, res, next);
    });

This works fine, but when I develop local I have a frontend Angular2 application, which runs on a different port (4200), so in my development I am not possible to get the authorized user: req.user is undefined. I use express-session to store the authorized user.

When I deploy I bundle both applications up together, so everything works.

Does anyone have a good and simple solution for this issue? Again it's only in development I have this problem.

like image 809
DNRN Avatar asked Jun 06 '16 08:06

DNRN


People also ask

What is local in passport authenticate?

The local authentication strategy authenticates users using a username and password. The strategy requires a verify callback, which accepts these credentials and calls done providing a user.

What is passport authorization?

A letter of authorization for a passport is a letter that you, or somebody else, has written that allows another party to pick up their passport from the issuing authority. It is usually written because the person, whose passport it is, is unable to go themselves due to a variety of reasons.

Can passport use multiple strategies?

Passport's middleware is built in a way that allows you to use multiple strategies in one passport.

Is Passport good for authentication?

Passport is a popular, modular authentication middleware for Node. js applications. With it, authentication can be easily integrated into any Node- and Express-based app. The Passport library provides more than 500 authentication mechanisms, including OAuth, JWT, and simple username and password based authentication.


1 Answers

You can hide both services behind proxy, Nginx for example. And both your services will be use 1 address.

NGINX config example

server {
  listen 80;

  server_name example.com;

  proxy_set_header Host $http_host;
  proxy_pass_header Server;
  proxy_set_header X-Forwarded-For $remote_addr;
  proxy_set_header X-Forwarded-Proto $scheme;

  location / {
    proxy_pass http://frontend_address:port;
    proxy_redirect default;
  }

  location ~ /api {
    proxy_pass http://backend_address:port;
    proxy_redirect default;
  }
}

So all requests http://example.com will go to frontend service, and all requests http://example.com/api/ go to backend service.

like image 193
Rusinov Maksim Avatar answered Sep 20 '22 22:09

Rusinov Maksim