There are basically two steps to do so:
Configure:
Three part to configure:
1. Application strategies
2. Middleware
3. Session (optional)
Before authenticating request, strategy must be configured and are supplied via use function on passport object.
passport.use('strategy_name', new StrategyType(function(..,credentials, done));
where, function(..,credentials, done) is verify callback.
When passport authenticate request, it parses the request and pass those credentials to verify callback function.
Writing verify callback function:
If credentials are valid call done as:
done(null, user); //here user is the user that authenticated.
If credentials are not valid call done as:
done(null, false);
If exception occurred on verifying credentials call done as:
done(err);
*You can pass additional info msg to indicate reason for failure:
done(null, false, {message : 'user is not authenticated'});
2. Middleware:
Authenticate:
No comments:
Post a Comment