Instantly share code, notes, and snippets.

Embed
What would you like to do?
app.js file generated with the express-generator with additional bits for Passport authentication
var createError = require('http-errors');
var express = require('express');
var path = require('path');
var cookieParser = require('cookie-parser');
var logger = require('morgan');
var indexRouter = require('./routes/index');
var usersRouter = require('./routes/users');
var app = express();
// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'jade');
app.use(logger('dev'));
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));
app.use('/', indexRouter);
app.use('/users', usersRouter);
// PASSPORT SPECIFIC PART START HERE
// import passport and passport-local strategy
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
// add local authentication strategy with a verification function
passport.use(new LocalStrategy(
// your verification logic goes here
// this test verification function always succeeds and returns a hard-coded user
function (username, password, done) {
console.log("Verification function called");
return done(null, { username, id: "1" });
}
));
// serialize user object
passport.serializeUser(function (user, done) {
done(null, user);
});
// deserialize user object
passport.deserializeUser(function (user, done) {
done(err, user);
});
// initialize passport middleware
app.use(passport.initialize());
app.use(passport.session());
// configure my-login route to authenticate using added "local" strategy
// if a user is logged in, send him back a message
app.post('/my-login',
// call passport authentication passing the "local" strategy name
// THIS CALL RESPONDS WITH 400 OR 401 STATUS WITH NO DETAILS
passport.authenticate('local'),
// function to call once successfully authenticated
function (req, res) {
res.status(200).send('logged in!');
});
// configure my-login-with-log route to authenticate using added "local" strategy with a custom callback
// if a user is logged in, send him back a message
app.post('/my-login-with-log',
// wrap passport.authenticate call in a middleware function
function (req, res, next) {
// call passport authentication passing the "local" strategy name and a callback function
passport.authenticate('local', function (error, user, info) {
// this will execute in any case, even if a passport strategy will find an error
// log everything to console
console.log(error);
console.log(user);
console.log(info);
if (error) {
res.status(401).send(error);
} else if (!user) {
res.status(401).send(info);
} else {
next();
}
res.status(401).send(info);
})(req, res);
},
// function to call once successfully authenticated
function (req, res) {
res.status(200).send('logged in!');
});
// PASSPORT SPECIFIC PART ENDS HERE
// error handler
app.use(function (err, req, res, next) {
// set locals, only providing error in development
res.locals.message = err.message;
res.locals.error = req.app.get('env') === 'development' ? err : {};
// render the error page
res.status(err.status || 500);
res.render('error');
});
module.exports = app;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment