Skip to content

Instantly share code, notes, and snippets.

@engram-design

engram-design/gist:5417983

Last active December 16, 2015 10:09
Show Gist options
  • Save engram-design/5417983 to your computer and use it in GitHub Desktop.
Save engram-design/5417983 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.txt
var express = require('express'),
passport = require('passport'),
LocalStrategy = require('passport-local').Strategy;
var users = [
{ id: 1, username: 'bob', password: 'secret', email: '[email protected]' }
];
function findById(id, fn) {
var idx = id - 1;
if (users[idx]) {
fn(null, users[idx]);
} else {
fn(new Error('User ' + id + ' does not exist'));
}
}
function findByUsername(username, fn) {
for (var i = 0, len = users.length; i < len; i++) {
var user = users[i];
if (user.username === username) {
return fn(null, user);
}
}
return fn(null, null);
}
passport.serializeUser(function(user, done) {
done(null, user.id);
});
passport.deserializeUser(function(id, done) {
findById(id, function (err, user) {
done(err, user);
});
});
passport.use(new LocalStrategy(
function(username, password, done) {
findByUsername(username, function(err, user) {
if (!user) {
return done(null, false, { message: 'Unknown user ' + username });
}
if (user.password != password) {
return done(null, false, { message: 'Invalid password' });
}
return done(null, user);
});
}
));
var app = express();
app.configure(function() {
app.use(express.bodyParser());
app.use(express.methodOverride());
app.use(express.cookieParser());
app.use(express.session({ secret: 'keyboard cat' }));
app.use(passport.initialize());
app.use(passport.session());
app.use(app.router);
});
// using GET just for easy testing...
app.get('/session', passport.authenticate('local'), function(req, res) {
res.json({_id: req.user._id, _rev: req.user._rev});
});
app.listen(3000, function() {
console.log('Express server listening on port 3000');
});
@engram-design
Copy link
Author

Visiting http://127.0.0.1:3000/session?username=bob&password=secret2 simply results in Unauthorized rather than the expected { message: 'Invalid password' }

@jaredhanson
Copy link

You need to add flash support and set the relevant options if you want to display flash messages. Look at this example for inspiration: https://github.com/jaredhanson/passport-local/tree/master/examples/express3

@engram-design
Copy link
Author

@jaredhanson Ah - good point. Whoops!

As far as I can tell, this doesn't work without a redirect? So the POST itself doesn't return anything

app.get('/login', function(req, res){
    res.json(req.flash('error'));
});

app.post('/session', passport.authenticate('local', { failureRedirect: '/login', failureFlash: true }), function(req, res) {
    res.json({_id: req.user._id, _rev: req.user._rev});
});

Anyway, this seems by design so I won't waste any more of your time. Thanks so much for your help!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment