What is “done” callback function in Passport Strategy Configure “use” function

done is a method called internally by the strategy implementation. Then it navigates you, as you can see, to one of the success / error / fail methods (again, by the implementation. there are more options). Each of these options may calls to the next, where in your snippet code is the following: function(req, res) …

Read more

What are the differences between local Basic and Digest strategy in passportjs

If I understand correctly, the differences between the Local, Basic and Digest strategies in Passport.js are subtle but important. Here’s the rundown: Local (passport-local) Passport’s local strategy is a simple username and password authentication scheme. It finds a given user’s password from the username (or other identifier) and checks to see if they match. The …

Read more

Documentation for “ensureAuthentication” “isAuthenticated” passport’s functions?

While not explicitly documented anywhere easily found, you can see where the the isAuthenticated and isUnauthenticated flags are set in the Passport code at https://github.com/jaredhanson/passport/blob/a892b9dc54dce34b7170ad5d73d8ccfba87f4fcf/lib/passport/http/request.js#L74. ensureAuthenticated is not official, but can be implemented via the following: function ensureAuthenticated(req, res, next) { if (req.isAuthenticated()) return next(); else // Return error content: res.jsonp(…) or redirect: res.redirect(‘/login’) } …

Read more

Error: req#logout requires a callback function

Since version 0.6.0 (which was released only a few days ago by the time of writing this), req.logout is asynchronous. This is part of a larger change that averts session fixation attacks. See the release announcement: The other major change is that that req.logout() is now an asynchronous function, whereas previously it was synchronous. For …

Read more

Use multiple local strategies in PassportJS

You can name your local strategies to separate them. // use two LocalStrategies, registered under user and sponsor names // add other strategies for more authentication flexibility passport.use(‘user-local’, new LocalStrategy({ usernameField: ’email’, passwordField: ‘password’ // this is the virtual field on the model }, function(email, password, done) { User.findOne({ email: email }, function(err, user) { …

Read more