passport login authentication without password field

Question

I am building user registration using nodejs and express. I am creating a new user without any passport or any authentication strategy. what I want is user should be treated as logged in once he registered successfully. So I am building login api for user. Where user can authentic using only email field (as I am not storing any password with user). But I am not able to validate user as I am getting 'missing credential' in passport authentication.

app.js

var config = require('./config/development');
var passport = require('passport');
var cookieParser = require('cookie-parser');
var bodyParser   = require('body-parser');
var session      = require('express-session');

var  app = express();

//connect db 
mongoose.connect(config.db);
mongoose.set('debug', config.mongoose.debug);

require('./config/passport')(passport); // pass passport for configuration

//initialize all models
var modelsPath = require('path').join(__dirname, 'models');
require('fs').readdirSync(modelsPath).forEach(function(file) {
  require('./models/' + file);
});


// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'jade');


app.use(logger('dev'));
app.use(bodyParser.json());
app.use(expressValidator());

app.use(bodyParser.urlencoded({
  extended: false
}));
app.use(cookieParser());

/// required for passport
app.use(session({
secret: 'anystringoftext',
saveUninitialized: true,
resave: true
})); // session secret
app.use(passport.initialize());
app.use(passport.session()); // persistent login sessions

app.use(express.static(path.join(__dirname, 'public')));


require('./routes')(app, passport);

passport.js

var mongoose = require('mongoose'),
  LocalStrategy = require('passport-local').Strategy,
  User = require('../models/users');

module.exports = function(passport) {
  // Serialize the user id to push into the session
  passport.serializeUser(function(user, done) {
    done(null, user.id);
  });

  // Deserialize the user object based on a pre-serialized token
  // which is the user id
  passport.deserializeUser(function(id, done) {
    User.findOne({
      _id: id
    }, function(err, user) {
      done(err, user);
    });
  });

  // Use local strategy
  passport.use(new LocalStrategy({
      usernameField: 'email',
      passReqToCallback : true
    },
    function(email, password, done) {
    User.findOne({
      email: email
    }, function(err, user) {
      if (err) {
        return done(err);
      } else {
      return done(null, user);
      }
    });
    }
  ));

  return passport;
};

routes/user.js

module.exports = function(app, passport) {
app.post('/login', function(req, res, next) {
  passport.authenticate('local', function(err, user, info) {
    if (user === false) {
      res.json('no user found');
    } else {
      res.json('login successful');
    }
  })(req, res, next);
});
};

Will anyone please help me to figure out what am I doing wrong here.

Tyson Steele Decker · Accepted Answer

You're halfway there. You can use passport-local and have it only require a username field.

You can override the username and password field to use the same key.

passport.use(new LocalStrategy({
  usernameField: 'email',
  passwordField: 'email',
  passReqToCallback : true
},

Then it only requires that you include one field in the login request.

passport login authentication without password field

Tags:

node.js

passport-local

zulekha

1 Answers

Tyson Steele Decker

Recent Activity

Donate For Us

passport login authentication without password field

Tags:

node.js

passport-local

zulekha

1 Answers

Tyson Steele Decker

Related questions

Recent Activity

Donate For Us