passport-local with node-jwt-simple

I figured it out! First of all you need to implement the correct strategy. In my case LocalStrategy, and you need to provide your validation logic. For example sake let’s use the one in passport-local. var passport = require(‘passport’) , LocalStrategy = require(‘passport-local’).Strategy; passport.use(new LocalStrategy( function(username, password, done) { User.findOne({ username: username }, function(err, user) … Read more

ERR_HTTP_HEADERS_SENT: Cannot set headers after they are sent to the client

That particular error occurs whenever you try to send more than one response to the same request and is usually caused by improper asynchronous code. The code you show in your question does not appear like it would cause that error, but I do see code in a different route here that would cause that … Read more

Using PassportJS, how does one pass additional form fields to the local authentication strategy?

There’s a passReqToCallback option that you can enable, like so: passport.use(new LocalStrategy( {usernameField: ’email’, passReqToCallback: true}, function(req, email, password, done) { // now you can check req.body.foo } )); When, set req becomes the first argument to the verify callback, and you can inspect it as you wish.

Redirecting to previous page after authentication in node.js using passport.js

In your ensureAuthenticated method save the return url in the session like this: … req.session.returnTo = req.originalUrl; res.redirect(‘/login’); … Then you can update your passport.authenticate route to something like: app.get(‘/auth/google/return’, passport.authenticate(‘google’), function(req, res) { res.redirect(req.session.returnTo || “https://stackoverflow.com/”); delete req.session.returnTo; });

passport.js passport.initialize() middleware not in use

Follow the example to avoid the out-of-order middleware hell that express makes it so easy to enter. Straight from the docs. Note how yours does not match this exactly. var app = express(); app.use(require(‘serve-static’)(__dirname + ‘/../../public’)); app.use(require(‘cookie-parser’)()); app.use(require(‘body-parser’).urlencoded({ extended: true })); app.use(require(‘express-session’)({ secret: ‘keyboard cat’, resave: true, saveUninitialized: true })); app.use(passport.initialize()); app.use(passport.session()); Docs cookieParser session … Read more

Everyauth vs Passport.js?

Chiming in with my two cents, as the developer of Passport. Before developing Passport, I evaluated everyauth and determined that it didn’t meet my requirements. So, I set about implementing a different solution which would. The major points I wanted to address are: Idiomatic Node.js everyauth makes extensive use of promises, instead of Node’s approach … Read more

What does passport.session() middleware do?

passport.session() acts as a middleware to alter the req object and change the ‘user’ value that is currently the session id (from the client cookie) into the true deserialized user object. Whilst the other answers make some good points I thought that some more specific detail could be provided. app.use(passport.session()); is equivalent to app.use(passport.authenticate(‘session’)); Where … Read more