Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Passport not redirecting after authorization

I am running into a problem where when I try to login using passport, the page does not redirect. The authorization return true (correct username, password).

I'm pretty sure it lies somewhere within my validPassword function but i'm not sure exactly.

Login Route

app.get('/login', function (req, res) {
  res.render('login', {});
});

Login Post

app.post('/login',
  passport.authenticate('local', { successRedirect: '/',
                                   failureRedirect: '/login' }));

User Prototype

User.prototype.validPassword = function(username, unhashedPassword) {
  async.waterfall([
    function (callback) {
      User.find({ "username" : username }, function (err, data) {
        if(err) return handleError(err);
        callback(null, data);
      });
    },
    function (data, callback) {
      var isGood = passwordHash.verify(unhashedPassword, data[0].password);
      callback(null, isGood);
    }
  ], function (err, result) {
    return result;
  });
};

Local Strategy

passport.use(new LocalStrategy(
  function(username, password, done) {
    var unhashedPassword = password;
    var passedUsername = username;
    User.findOne({ username: username }, function(err, user) {
      if (err) { return done(err); }
      if (!user) {
        return done(null, false, { message: 'Incorrect username.' });
      }
      if (!user.validPassword(passedUsername, unhashedPassword)) {
        return done(null, false, { message: 'Incorrect password.' });
      }
      return done(null, user);
    });
  }
));

There are no errors being printed out to my console so I'm slightly baffled right now. Is the isGood being returned in the wrong format maybe? Any help would be great.

like image 344
pattmorter Avatar asked Apr 26 '14 18:04

pattmorter


1 Answers

I figured out my problem. The problem lied within my local strategy and my validPassword prototype.

Within my strategy I had a console.log saying error, invalid username or error, invalid password. I also had a console.log in my prototype printing the evaluation of passwordHash.verify(unhashedPassword, this.password).

When I posted to login the console would print as follows:

LOG: valid username (Strategy)
LOG: invalid password (Strategy)
LOG: true (Prototype)

following the flow of logic, LOG: true (prototype) should appear before LOG: invalid password (Strategy) but it was appearing after which means there was a problem with sync somewhere.

Well, I fixed the problem by removing about 15 lines of code and now it works like a beaut.

This is what my auth strategy looks like now.

User.prototype.validPassword

User.prototype.validPassword = function(unhashedPassword) {
  return passwordHash.verify(unhashedPassword, this.password);
};

LocalStrategy

passport.use(new LocalStrategy({
    usernameField: 'username',
    passwordField: 'password'
  },
  function(username, password, done) {
    var unhashedPassword = password;
    var passedUsername = username;
    process.nextTick(function () {
      User.findOne({ username: passedUsername }, function(err, user) {
        console.log('within local strategy', user);
        if (err) { 
          console.log('Error:', err);
          return done(err); 
        }
        if (!user) {
          console.log('Incorrect username:');
          return done(null, false, { message: 'Incorrect username.' });
        }
        if (!user.validPassword(unhashedPassword)) {
          return done(null, false, { message: 'Incorrect password.' });
        }
        return done(null, user);
      });
    });
  }
));

POST Login

app.post('/login',
  passport.authenticate('local', { failureRedirect: '/login' }),
  function(req, res) {
    res.redirect('/');
  });
like image 179
pattmorter Avatar answered Oct 29 '22 16:10

pattmorter