ken February 2016

How to configure and package passport as one module?

I test my routes in Advanced Rest Client, and with my code the response is 401 Unauthorized. I don't understand why this is happening. I packaged my authentication in one module, and I invoke it in my server file with wagner-core (a dependency injector):

// Hand the passport setup module to wagner; the second argument supplies `app`.
wagner.invoke(
  require('./passport-init'),
  { app }
)

passport.js:

'use strict'
const bCrypt = require('bcryptjs')
const passport = require('passport')
const LocalStrategy = require('passport-local').Strategy
const session = require('express-session')

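/**
 * Wires passport-based username/password authentication into an Express app.
 *
 * Registers session (de)serialization, a LocalStrategy named 'login',
 * the session and passport middleware, and a POST /login route.
 *
 * @param {object} User - user model; this module calls `findOne` on it.
 * @param {object} app - Express application the middleware and route are attached to.
 * @throws {Error} when NODE_ENV is 'production' and SESSION_SECRET is not set.
 */
module.exports = (User, app) => {
  // Only the user's _id is stored in the session.
  passport.serializeUser((user, done) => {
    done(null, user._id)
  })

  // On each request with a session, load the user back from the stored id.
  passport.deserializeUser((id, done) => {
    User.findOne({ _id: id }).exec(done)
  })

  passport.use('login', new LocalStrategy({ passReqToCallback: true }, (req, username, password, done) => {
    // Both values come straight from the request body. A body parser can
    // deliver objects instead of strings; an object used as the `username`
    // filter could be read as query operators rather than a literal value,
    // and bCrypt.compareSync throws on non-string arguments. Reject early.
    if (typeof username !== 'string' || typeof password !== 'string') {
      return done(null, false, { message: 'Invalid username or password' })
    }

    User.findOne({ username: username }, (err, user) => {
      if (err) { return done(err) }
      // The same message is used for "no such user" and "wrong password" so a
      // response built from it does not reveal which usernames exist.
      if (!user) {
        return done(null, false, { message: 'Invalid username or password' })
      }
      // A record without a stored hash can never match; treat it as a failed
      // login instead of letting the comparison throw inside the callback.
      if (typeof user.password !== 'string' || !isValidPassword(user, password)) {
        return done(null, false, { message: 'Invalid username or password' })
      }
      return done(null, user)
    })
  }))

  // The session secret signs the session cookie. The literal fallback is
  // publicly guessable, so it is tolerated only outside production.
  const sessionSecret = process.env.SESSION_SECRET
  if (!sessionSecret && process.env.NODE_ENV === 'production') {
    throw new Error('SESSION_SECRET must be set in production')
  }

  app.use(session({
    secret: sessionSecret || 'secret',
    resave: false,
    saveUninitialized: false
  }))
  app.use(passport.initialize())
  app.use(passport.session())

  app.post('/login', passport.authenticate('login'), (req, res) => {
    // Encode the username so characters such as '/', '?' or '#' cannot
    // change the path or query of the redirect target.
    res.redirect('/users/' + encodeURIComponent(req.user.username))
  })
}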

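/**
 * Checks a submitted password against the bcrypt hash stored on a user record.
 *
 * @param {object} user - user record; `user.password` holds the stored hash.
 * @param {string} password - plaintext password submitted at login.
 * @returns {boolean} true only when the password matches the stored hash.
 */
function isValidPassword (user, password) {
  // bCrypt.compareSync throws on non-string arguments. A missing hash or a
  // non-string password is a failed login, not an exception.
  if (!user || typeof user.password !== 'string' || typeof password !== 'string') {
    return false
  }
  return bCrypt.compareSync(password, user.password)
}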

Answers


ken February 2016

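I figured it out. It had something to do with my routes and the isValidPassword function.

Here's the amended code. (Editor's note: as written, the 'login' strategy below rejects only accounts that have no stored password, and the result of bCrypt.compareSync is discarded, so an existing user is accepted with any password. The comparison result has to decide the outcome, e.g. `if (!bCrypt.compareSync(password, user.password)) { return done(null, false, ...) }`. The session secret is also the hard-coded string 'secret' here, whereas the version in the question read it from SESSION_SECRET first.)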

'use strict'
const bCrypt = require('bcryptjs')
const passport = require('passport')
const LocalStrategy = require('passport-local').Strategy
const session = require('express-session')

module.exports = (User, app) => {
  passport.serializeUser((user, done) => {
    done(null, user._id)
  })

  passport.deserializeUser((id, done) => {
    User.findById(id, (err, user) => {
      done(err, user)
    })
  })

  passport.use('login', new LocalStrategy({ passReqToCallback: true }, (req, username, password, done) => {
    process.nextTick(() => {
      User.findOne({ username: username }, (err, user) => {
        if (err) { return done(err) }
        if (!user) { return done(null, false, { message: 'Invalid username' }) }
        if (!user.password) {
          bCrypt.compareSync(password, user.password)
          return done(null, false, { message: 'Invalid password' })
        }
        return done(null, user)
      })
    })
  }))

  passport.use('signup', new LocalStrategy({ passReqToCallback: true }, (req, username, password, done) => {
    process.nextTick(() => {
      User.findOne({ username: username }, (err, user) => {
        if (err) { return done(err) }
        if (user) {
          return done(null, false, { message: 'User already exists' })
        } else {
          let newUser = new User()
          newUser.username = req.body.username
          newUser.password = createHash(req.body.password)
          newUser.save((err) => {
            if (err) throw err
            return done(null, newUser)
          })
        }
      })
    })
  }))

  app.use(session({
    secret: 'secret',
    resave: false,
    saveUninitialized: false
  }))
  app.use(passport.initialize())
  app.use(passport.session())

  app.get('/success', (req, res) => {
    res.send({ state: 'success', user: req.user ? 
