Two Passport + JWT (JSON Web Token) examples
//
// Implementation using express-jwt middleware
//
var express = require('express');
var ejwt = require('express-jwt');
var jwt = require('jsonwebtoken');
var passport = require('passport');
var bodyParser = require('body-parser');
var LocalStrategy = require('passport-local').Strategy;
// Loaded but never referenced in this variant; the bearer flow lives in the
// second example below.
var BearerStrategy = require('passport-http-bearer').Strategy;
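// HMAC key used to sign and verify tokens. The literal is the demo value;
// JWT_SECRET in the environment overrides it so a deployment never runs on a
// secret that is published in this file.
var secret = process.env.JWT_SECRET || 'super secret';
// In-memory stand-in for a user store. Passwords are kept in plain text only
// because this is a demo; a real store holds salted password hashes.
var users = [
  {id: 0, username: 'test', password: 'test'}
];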
// Credential check behind the /login route. Calls back with the user record
// when exactly one entry matches both username and password, otherwise with
// `false` (no error) so passport treats it as a failed login, not a crash.
// The plain-text comparison mirrors the demo user store above.
passport.use(new LocalStrategy(function(username, password, cb) {
  var matches = [];
  for (var i = 0; i < users.length; i++) {
    var candidate = users[i];
    if (candidate.username === username && candidate.password === password) {
      matches.push(candidate);
    }
  }
  if (matches.length !== 1) {
    return cb(null, false);
  }
  return cb(null, matches[0]);
}));
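var app = express();
app.use(bodyParser.json());
app.use(passport.initialize());
// Verify the bearer token on every route except /login and expose its claims
// as req.tokenPayload. `algorithms` pins what the middleware will accept, so a
// token whose header names a different algorithm is rejected instead of being
// verified under whatever the token itself claims.
app.use(ejwt({
  secret: secret,
  algorithms: ['HS256'],
  userProperty: 'tokenPayload'
}).unless({path: ['/login']}));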
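// First login to receive a token.
// POST /login with a JSON body carrying username and password; responds with
// {token} on success and a 401 on bad credentials.
app.post('/login', function(req, res, next) {
  passport.authenticate('local', function(err, user, info) {
    if (err) return next(err);
    if (!user) {
      return res.status(401).json({ status: 'error', code: 'unauthorized' });
    }
    // Only the user id goes into the payload: claims are signed, not
    // encrypted, so anyone holding the token can read them. The explicit
    // algorithm matches what the verifier accepts, and expiresIn bounds how
    // long a leaked token remains usable.
    var token = jwt.sign({id: user.id}, secret, { algorithm: 'HS256', expiresIn: '1h' });
    return res.json({ token: token });
  })(req, res, next);
});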
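// Load the user from the "database" when the request carried a valid token.
// express-jwt has already checked the signature, so the id claim is trusted
// here; it is still resolved by value rather than by array position so the
// result does not depend on the order of `users`. No user means 401.
app.use(function(req, res, next) {
  if (req.tokenPayload) {
    var id = req.tokenPayload.id;
    for (var i = 0; i < users.length; i++) {
      if (users[i].id === id) {
        req.user = users[i];
        break;
      }
    }
  }
  if (req.user) {
    return next();
  }
  return res.status(401).json({ status: 'error', code: 'unauthorized' });
});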
// Then set that token in the headers to access routes requiring authorization:
//   Authorization: Bearer <token here>
// req.user is populated by the middleware above before this handler runs.
app.get('/message', function(req, res) {
  var greeting = 'Congratulations ' + req.user.username + '. You have a token.';
  return res.json({ status: 'ok', message: greeting });
});
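// Error handler middleware. Express recognises it by its four-parameter
// signature, so `next` stays in the list even though it is unused.
app.use(function(err, req, res, next) {
  console.error(err);
  // Errors that carry an HTTP status keep it: express-jwt reports a missing,
  // malformed, expired or badly signed token as a 401 UnauthorizedError and
  // body-parser reports malformed JSON as a 400. Anything else is a 500.
  // The response only reveals the status class; details stay in the log.
  var status = err.status || err.statusCode || 500;
  var code = status === 401 ? 'unauthorized' : (status < 500 ? 'bad_request' : 'internal_error');
  return res.status(status).json({ status: 'error', code: code });
});
app.listen(3000);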
//
// Implementation using HTTP Bearer strategy and jsonwebtoken
//
var express = require('express');
var jwt = require('jsonwebtoken');
var passport = require('passport');
var bodyParser = require('body-parser');
var LocalStrategy = require('passport-local').Strategy;
var BearerStrategy = require('passport-http-bearer').Strategy;
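// HMAC key used to sign and verify tokens. The literal is the demo value;
// JWT_SECRET in the environment overrides it so a deployment never runs on a
// secret that is published in this file.
var secret = process.env.JWT_SECRET || 'super secret';
// In-memory stand-in for a user store. Passwords are kept in plain text only
// because this is a demo; a real store holds salted password hashes.
var users = [
  {id: 0, username: 'test', password: 'test'}
];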
// Credential check behind the /login route. Succeeds only when exactly one
// stored user matches both fields; any other outcome is reported as `false`
// (a failed login) rather than as an error. Plain-text comparison is a demo
// shortcut that goes with the in-memory user list above.
passport.use(new LocalStrategy(function(username, password, cb) {
  var hits = 0;
  var found = null;
  users.forEach(function(record) {
    if (record.username === username && record.password === password) {
      hits += 1;
      found = record;
    }
  });
  if (hits === 1) {
    return cb(null, found);
  }
  return cb(null, false);
}));
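// Bearer strategy: verify the JWT presented in the Authorization header and
// resolve its id claim to a user record.
passport.use(new BearerStrategy(function (token, cb) {
  // `algorithms` pins the accepted signing algorithm so the token header
  // cannot select a different one; the secret must match what /login signs with.
  jwt.verify(token, secret, { algorithms: ['HS256'] }, function(err, decoded) {
    if (err) {
      // A malformed, expired or badly signed token is an authentication
      // failure, not a server fault: report "no user" so the caller answers
      // 401 instead of routing it to the 500 error handler.
      return cb(null, false);
    }
    // Resolve by id value rather than array position so the lookup does not
    // depend on the order of `users`.
    var id = decoded.id;
    for (var i = 0; i < users.length; i++) {
      if (users[i].id === id) {
        return cb(null, users[i]);
      }
    }
    return cb(null, false);
  });
}));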
var app = express();
// Parse JSON bodies and initialise passport before any route is registered.
[bodyParser.json(), passport.initialize()].forEach(function(middleware) {
  app.use(middleware);
});
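// First login to receive a token.
// POST /login with a JSON body carrying username and password; responds with
// {token} on success and a 401 on bad credentials.
app.post('/login', function(req, res, next) {
  passport.authenticate('local', function(err, user, info) {
    if (err) return next(err);
    if (!user) {
      return res.status(401).json({ status: 'error', code: 'unauthorized' });
    }
    // Only the user id goes into the payload: claims are signed, not
    // encrypted, so anyone holding the token can read them. The explicit
    // algorithm matches what the bearer strategy accepts, and expiresIn
    // bounds how long a leaked token remains usable.
    var token = jwt.sign({id: user.id}, secret, { algorithm: 'HS256', expiresIn: '1h' });
    return res.json({ token: token });
  })(req, res, next);
});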
// All routes from this point on need to authenticate with bearer:
//   Authorization: Bearer <token here>
// Registered after /login, so the login route itself stays reachable without
// a token. A strategy error goes to the error handler; no user means 401.
app.all('*', function(req, res, next) {
  var onAuthenticated = function(err, user, info) {
    if (err) return next(err);
    if (!user) {
      return res.status(401).json({ status: 'error', code: 'unauthorized' });
    }
    req.user = user;
    return next();
  };
  passport.authenticate('bearer', onAuthenticated)(req, res, next);
});
// Reachable only once the bearer gate above has set req.user.
app.get('/message', function(req, res) {
  var greeting = 'Congratulations ' + req.user.username + '. You have a token.';
  return res.json({ status: 'ok', message: greeting });
});
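// Error handler middleware. Express recognises it by its four-parameter
// signature, so `next` stays in the list even though it is unused.
app.use(function(err, req, res, next) {
  console.error(err);
  // Errors that carry an HTTP status keep it (body-parser reports malformed
  // JSON as a 400); anything else is a 500. The response only reveals the
  // status class; details stay in the server log.
  var status = err.status || err.statusCode || 500;
  var code = status === 401 ? 'unauthorized' : (status < 500 ? 'bad_request' : 'internal_error');
  return res.status(status).json({ status: 'error', code: code });
});
app.listen(3000);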