Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Where to put PassportJs local strategy in an express application?

I have an expressjs application and I am trying to get passportjs set up for simple user authentication. My routes are stored in a separate file. I have a routes file (users.js) for all my user related routes. I also have a controller file called UserController that contains all the functions for user related stuff and deals with my database.

My question is, where should I declare the passport strategy so that it follows the MVC pattern?

Putting it in any other file besides the routes file doesn't work as it does not have the passport object.

like image 791
Sagar Desai Avatar asked Jul 23 '15 18:07

Sagar Desai


People also ask

Can Passport use multiple strategies?

Passport's middleware is built in a way that allows you to use multiple strategies in one passport.

What is Passport authenticate (' local ')?

passport-local The local authentication strategy authenticates users using a username and password. The strategy requires a verify callback, which accepts these credentials and calls done providing a user. passport-jwt This module lets you authenticate endpoints using a JSON web token.

How does Passport-local strategy work?

Session based authentication is at the root of the passport-local strategy. This method of authentication is “server-side”, which means our Express application and database work together to keep the current authentication status of each user that visits our application.


1 Answers

I put my passport file in a config folder. Here is an example of a passport.js file. This is for the local-login strategy.

module.exports = function(passport) {

    passport.serializeUser(function(user, done) {
      done(null, user.id);
    }); // if you are using sessions

    passport.deserializeUser(function(id, done) {
      User.findById(id, function(err, user) {
        done(err, user);
      });
    }); // if you are using sessions

    passport.use('local-login', new LocalStrategy({
      usernameField : 'email',
      passwordField : 'password',
      passReqToCallback : true
   },
   function(req, email, password, done) {
     // mongodb example - you have to query for user, 
     // check password, and return user if successful
     User.findOne({ 'local.email' : email },
     function(err, user) {
       if (err) return done(err);

       if (!user) return done(null, false);

       if (!user.validPassword(password) {
         return done(null, false);
       }

       else
         return done(null, user); // all good return user
     });
   });
};

then in app.js I do:

require('./config/passport.js')(passport);


app.use(passport.initialize())

var usersRoutes = require('./server/routes/usersRoutes')(app, express, passport);
app.use('/users', usersRoutes);

then in your routes file:

module.exports = function(app, express, passport) {
  var usersRouter = express.Router();

  return usersRouter;

};

now your passport functions are available in your route. I would search 'easy-node-authentication' for good examples on the web.

like image 61
Evan Avatar answered Sep 21 '22 03:09

Evan