passport.js

问题 I'm using Express 4.2.0 with passport 0.2.0. The express-session middleware that I am using is 1.2.1 I'm relatively new to node authentication so please bear with me. I noticed that for everyone page load, passport is executing a db request: Executing (default): SELECT * FROM "users" WHERE "users"."user_id"=7 LIMIT 1; This doesn't make sense to me as I would think that the user has already been authenticated and serialized. And the session is now stored in the browser cookie. I also checked

问题 I am experiencing a strange bug or error in my code. I have setup an auth api on node server, using passportjs as my middleware and passport-jwt as my strategy. My passport setup looks like this //add jwt strategy to passport var JwtStrategy = require('passport-jwt').Strategy; var ExtractJwt = require('passport-jwt').ExtractJwt; var User = require('../models/user'); var configDB = require('../config/database'); module.exports = function(passport) { var opts = {}; opts.secretOrKey = configDB

问题 I am having some issues understanding how to implement the Resource Owners Password Flow with oAuth2rize and passport.js specifically with the transmission of the client_id and the client_secret so that i can do some checks on the client to ensure anything coming into this end point (/token) using the specific "password" grant type is specifically an official application and no others based on the id and secret. When building out the solution i can get a token back, but that is before i have

问题 I'm using passportjs for the authentication and session. I get the ussername from mysql and the input field from client side but when the done is called on verification, I get done is not a function . The server.js : var express = require('express'); var app = express(); var path = require('path'); var bodyParser = require('body-parser'); var passport = require('passport'); var LocalStrategy = require('passport-local').Strategy; var cookieParser = require('cookie-parser'); // app.use(app

问题 In brief, I have a login page where my POST request is turning into a GET in Express 4. Here is the business part of my login page: <form id='loginForm' action='/login' method='post'> <table> <tr> <td><input type='text' name='username' /></td> </tr> <tr> <td><input type='text' name='password' /></td> </tr> <tr> <td><button type='submit'>Submit</button></td> </tr> </table> </form> Here are routes I set: // Express 4 var router = express.Router(); router.get('/login', function(req, res) { res

问题 I am not sure if this is possible but I would like to use multiple Google strategies in order to use a different set of scopes depending on the link/user. I have created two separate passport variables: passport = require('passport') passport2 = require('passport') I have setup them both as follows: passport.use(new GoogleStrategy({ clientID: GOOGLE_CLIENT_ID, clientSecret: GOOGLE_CLIENT_SECRET, callbackURL: "http://localhost:3000/auth/callback" }, function(accessToken, refreshToken, profile,

问题 I'm using passport , express-session and connect-pg-simple . The problem is that session is not correctly obtained from a storage , where it gets properly (i hope, but doubt) saved. My setup is the same, as in many tutorials, I've found around. server.js: import express from 'express'; import next from 'next'; import bodyParser from 'body-parser'; import session from 'express-session'; import connectPgSimple from 'connect-pg-simple'; const sessionStorage = connectPgSimple(session); import

问题 My question is related to PassportJS - Using multiple passports within Express application topic. So as long as I already have two separate passport instances, I realized that they both share the same cookie, created here: application.use(session({ secret: 'my secret cookie', key: 'usid' })); I can add one more cookie with different name using this: app.use(connect.session({ secret: 'keyboard cat', key: 'rsid' })) However, it is not clear to me how to instruct each passport to use its own

问题 I am using passport-jwt to generate my tokens but I noticed that the tokens never expire, is there any way to invalidate a particular token according to a rule set for me, something like: 'use strict'; const passport = require('passport'); const passportJWT = require('passport-jwt'); const ExtractJwt = passportJWT.ExtractJwt; const Strategy = passportJWT.Strategy; const jwt = require('../jwt'); const cfg = jwt.authSecret(); const params = { secretOrKey: cfg.jwtSecret, jwtFromRequest:

问题 I'm having a hard time to decide the best way to use PassportJS with HapiJS. Have anyone done that? I'm not talking about Travelogue because I kinda didn't like the way it works. Maybe I'm not using it right. 回答1: Travelogue has recently been "retired". Check out the replacement module bell. bell is much more "hapi-like" because it doesn't try to use passport.js 来源： https://stackoverflow.com/questions/22425792/how-to-use-passportjs-with-hapijs