Comments (2)
Yes, you can simply write your own route middleware like so:
function checkAuth(req,res,next){
if(req.user) next();//Forward the request so it can be handled by your router
else res.send(403);//send access denied
}
app.configure(function() {
app.use(express.cookieParser());
app.use(express.bodyParser());
app.use(express.session({ secret: 'keyboard cat' }));
app.use(passport.initialize());
app.use(passport.session());
app.use(app.router);
app.use(express.static(__dirname + '/../../public'));
});
app.get('/login',function(req,res){
//Serve your login page here
});
app.post('/login',
passport.authenticate('local'),
function(req, res) {
// If this function gets called, authentication was successful.
// `req.user` property contains the authenticated user.
});
app.all('*', checkAuth);
//Serve any other pages here:
app.get('/secure', function(req,res){
res.json(req.user);
});
The way this works is that Express applies routes in order, when they match. We have our login methods before we check for authentication, so users can access it to sign on, then we check auth using app.all('*', checkAuth)
which works because all matches all request methods (GET, PUT, POST etc.) and '*' matches all paths ('example.com/', 'example.com/secure', 'example.com/other' etc.)
If you need to be able to define more complex authorization rules based on roles you can try my https://github.com/ForbesLindesay/connect-roles (if you have any problems, create an issue). It comes with a built in require('connect-roles').isAuthenticated
middleware.
from passport.
@ForbesLindesay Awesome this answers my questions; thank you for the explanation. -plato
from passport.
Related Issues (20)
- strategy.authenticate is not a function (passport-facebook)
- documentation does not work. https://www.passportjs.org/tutorials/google/ HOT 3
- Race condition in logout function HOT 10
- Laravel passport HOT 2
- Passport 0.6.0 regenerates session IDs, breaking custom logins
- Facebook Tutorial Register has no content HOT 1
- Prompt option is being ignored in nodejs when extending PassportStrategy
- Documentation Isuue HOT 1
- Passport authentication with client side generation
- Only one user session is created instead of a new session for each different logged in user
- Duplicate Session Save Operations During Login with Session Regeneration
- How to add passportjs in Saleforce commerce cloud web site SFRA ?
- Using AuthenticationCallback/req.logIn() breaks deserialization in 0.7.0
- Passpor-discord with Framework Astrojs
- social login with yahoo using passprt js HOT 1
- https://www.passportjs.org/packages/ not found
- Passport Strategy for Facebook doesn't work
- local strategy deserializeUser not be used
- Add Discord Auth Strategy
- Add my Passport Strategies to website: Magalu (Magazine Luiza) and MercadoLivre (ML Brazil)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from passport.