passport's req.isAuthenticated always returning false, even when I hardcode done(null, true)

Question

I'm trying to get my Passport local strategy working.

I've got this middleware set up:

passport.use(new LocalStrategy(function(username, password, done) {     //return done(null, user);     if (username=='ben' && password=='benny'){         console.log("Password correct");         return done(null, true);     }     else         return done(null, false, {message: "Incorrect Login"}); })); 

but then in here

app.use('/admin', adminIsLoggedIn, admin);  function adminIsLoggedIn(req, res, next) {      // if user is authenticated in the session, carry on      if (req.isAuthenticated())         return next();      // if they aren't redirect them to the home page     res.redirect('/'); } 

it always fails and redirects to the home page.

I can't figure out why this is happening? Why won't it authenticate?

In my console I can see that's Password Correct is printing. Why won't it work?

Answer 1

I had a similar issue. Could be due to the express-session middleware needed for passport. Fixed it by using middlewares in the following order: (Express 4)

var session = require('express-session');  // required for passport session app.use(session({   secret: 'secrettexthere',   saveUninitialized: true,   resave: true,   // using store session on MongoDB using express-session + connect   store: new MongoStore({     url: config.urlMongo,     collection: 'sessions'   }) }));  // Init passport authentication  app.use(passport.initialize()); // persistent login sessions  app.use(passport.session());