Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

passport.js with multiple authentication providers?

Using Passport.js is there a way for me to specify multiple authentication providers for the same route?

For example (from passport's guide) can I use local and facebook and twitter strategies on the sample route below?

app.post('/login',   passport.authenticate('local'), /* how can I add other strategies here? */   function(req, res) {     // If this function gets called, authentication was successful.     // `req.user` contains the authenticated user.     res.redirect('/users/' + req.user.username);   }); 
like image 914
cgiacomi Avatar asked Dec 23 '13 14:12

cgiacomi


People also ask

Can Passport use multiple strategies?

Passport's middleware is built in a way that allows you to use multiple strategies in one passport.

Can I use Passport with JWT?

A Passport strategy for authenticating with a JSON Web Token. This module lets you authenticate endpoints using a JSON web token. It is intended to be used to secure RESTful endpoints without sessions.

How does Passport js handle authorization?

Authorization is performed by calling passport. authorize() . If authorization is granted, the result provided by the strategy's verify callback will be assigned to req.account . The existing login session and req.

Is it good to use Passport js?

Passport is a popular, modular authentication middleware for Node. js applications. With it, authentication can be easily integrated into any Node- and Express-based app. The Passport library provides more than 500 authentication mechanisms, including OAuth, JWT, and simple username and password based authentication.

What is the difference between passportjs session and authenticate?

What isn't made completely clear is that sessions are just another authentication strategy in the PassportJS world. passport.session () is equivalent to passport.authenticate ('session'). So, when you login with a username and password, you aren't just authenticating once.

How to start user authentication with NodeJS passport?

I register the user and redirect them to the login page. The form, views/login.ejs, collects the user details named email and password and sends them to the /users/login route, accessible through routes => users.js. And that is where Nodejs passport starts user authentication. I am telling passport middleware, "Hey, passport.

How does passport work in JS?

Passport intercepts the login form data and stores it in Fields, for example, username + Field = usernameField. In this case, passport.js attaches the incoming form name s as username, email, or password.

What is the difference between authentication and authorization in NodeJS?

Authentication is knowing the users of your application. On the other hand, authorization entails controlling the information accessible to each user. Nodejs passport stands between a browser (also known as the client or user-agent) and the server, identifying logged-in users.


1 Answers

Passport's middleware is built in a way that allows you to use multiple strategies in one passport.authenticate(...) call.

However, it is defined with an OR order. This is, it will only fail if none of the strategies returned success.

This is how you would use it:

app.post('/login',   passport.authenticate(['local', 'basic', 'passport-google-oauth']), /* this is how */      function(req, res) {        // If this function gets called, authentication was successful.        // `req.user` contains the authenticated user.        res.redirect('/users/' + req.user.username); }); 

In other words, the way to use it, is passing an array containing the name of the strategies you want the user to authenticate with.

Also, dont forget to previously set up the strategies you want to implement.

You can confirm this info in the following github files:

Authenticate using either basic or digest in multi-auth example.

Passport's authenticate.js definition

like image 169
Danilo Ramirez Avatar answered Sep 28 '22 06:09

Danilo Ramirez