I think the yttrium and laggingreflex questions are slightly different:
To answer yttrium:
To access the request object, you must do this inside the direct middleware that will authorize your resource.
function authMethod(req, res, next) { if (req.isAuthenticated()) { console.log(req.user); return next(); } res.status(401).send({user:undefined}); } app.get('/',authMethod,function(req,response) { res.status(200).send("OK"); }
If you configured it correctly, Passaport will make changes to your request object, so you can access user information using req.user . You also have a req.isAuthenticated() method to check if third-party authentication is done.
To answer laggingreflex:
You cannot access the request object inside passport.deserializeUser and passport.serializeUser , as these methods are designed to handle serialization of user information inside a session (see github ). These methods receive the object and function as parameters. In serializeUser first parameter is an object with user information that you will serialize and go to the done function (callback). On deserializeUser first parameter is the object that was serialized to perform the inverse operation.