0

I found the following post on how deserializeUser is supposed to work: PassportJS serializeUser and deserializeUser execution flow

However When I try and send a JSON to the server which contains the key for the user, I cannot call req.user to find the user's details.

I am unsure on how to check what is going on because a lot of stuff is going on under the hood.

Does passport expect that I send a cookie to express containing the key? Any specific name for the cookie or format? Does it require that I sent the key in JSON format?

const express = require('express')
const app = express()
const mongoose = require('mongoose')
var cors = require('cors')
const bodyParser = require('body-parser')
var http = require('http')
var cookieParser = require('cookie-parser');
app.use(cookieParser('someSecret'));
var session = require('express-session');
app.use(session());
var flash=require("connect-flash");
app.use(flash());

passport.use(new LocalStrategy({
   usernameField: 'username',
   passwordField: 'password',
   session: true,
   passReqToCallback: true
},
function(req, username, password, done){
   registrationModel.findOne({username: username}, function(err, user){
  if (err) { return done(err); }
     if (!user){
        console.log("Username incorrect")
        return done(null, false, { message: 'Incorrect username.'});
     }
     if (user.password != password){
        console.log("Password Incorrect")
        return done(null, false, { message: 'Incorrect Password.'});
     } else {
        console.log("Returning good stuff")
        console.log(user)
        return done(null, user);
     }
   });
  }
));

//Needed for authenticating the session and initializing passport
app.use(passport.initialize());
app.use(passport.session());

passport.serializeUser(function(user, done) {
   console.log("Serializing User")
   console.log(user.id)
   console.log("Should be serialized")
   done(null, user.id);
});

passport.deserializeUser(function(id, done){
   users.User.findById(id, function(err, User) {
   console.log('attempting to deserialize user')
   console.log(user)
   console.log('--------------')
   if (User){
      done(err, User);
   } else {
      done(err, null);
   }
})
})

app.post('/api/authenticate', passport.authenticate('local'),
function(req, res){ 
   const individualIWant = jsonQuery('req.sessionStore.sessions')
   res.cookie('FreeUp', req.session.passport.user) 
   var cookie = JSON.stringify(req.session.passport.user)
   res.send({'name': 'FreeUp', 'value': cookie})
})

I can see a cookie in the browser: name:"FreeUp" value:""59c4cf4ecb364a000f23a707""

The value is the database ID for the object and not the key for the serialized object. I understand that I need to access the key for serialized object by using res.req.sessionID and to send that back instead.

However the point still stands, I do not know whether to send it back as a json file or a cookie. It seems like such a complex library to use.

Which format does passport expect me to use when sending the data back from Ember?

Thanks!

J.Newall
  • 25
  • 4
  • Can you show how you've configured your application? The answers to your questions depend greatly on that. – Paul Sep 21 '17 at 16:38

1 Answers1

0

I had a lot of trouble with this as well.

From what I understand Passport doesn't actually create a session itself. So you need to use another piece of middleware, like express-session, and you'll also need a cookie parser.

I built my authentication using the tutorial they have at Scotch: https://scotch.io/tutorials/easy-node-authentication-setup-and-local. It's really well commented and the only straight forward tutorial I could find (especially for local authentication). I can verify that it worked for me and req.user is storing all the credentials when I pass it in my routes.

Hope that helps.

Kelly Barber
  • 76
  • 3