All geek questions in one place

Custom Strategy Authentication Authentication Using Passport JS

I am trying to authenticate using Passport using this API specified in: https://wiki.nus.edu.sg/display/ivlelapi/Android . User session data must also be saved.

The document shows that the authentication process is a simpler version of Oauth:

  • The application server redirects the user to authorize the login page.
  • Login page returns successful token
  • User data can be obtained using this token.

However, the passport OAuth strategy seems to require a consumer callback and requires a more complex process using two tokens.

Can OAuth be used in this case? I studied using passport-local by checking only the user parameter (if the user exists to add the user to the database), but it does not seem to accept other parameters.

Alternatively, should Passport JS be necessary in such an instance?

+6
source share
1 answer

In your case, you can use a carrier token or JWT. After successful user authentication, the endpoint can return the token in JSON format, and then you can save it to a local one. Using a bearer token or JWT allows the session to be less authenticated, which means that the token will contain expiration information and a user ID.

I suggest you use a passport and choose a strategy that suits your needs, other than overriding.

JWT passport

ID of passport holder

0
source

Source: https://habr.com/ru/post/947006/

More articles:


All Articles