Clever Geek Handbook

Passport "Hello World" always fails

I have the following:

import {Router} from 'express';
import passport from 'passport';
import {Strategy} from 'passport-local';
import pg from 'pg';
import {pgUri} from '../environment';

let loginRouter = Router();

passport.use(new Strategy((username, password, done) => done(null, true)));
//{
//    pg.connectAsync(pgUri)
//        .then(([client, release]) => {
//            return client.queryAsync('select * from users where "user" = $1::TEXT', [username])
//                .finally(release);
//        })
//        .tap(result => console.log(result.rows))
//        .then(result => done(null, true));
//}));

loginRouter.get('/', (request, response) => response.render('login'));
loginRouter.post('/', passport.authenticate('local', {successRedirect: '/',
                                                      failureRedirect: '/login'}));

export default loginRouter;

This is an express route file that defines the simplest possible authentication scheme. The above will always redirect back to /login

, indicating a failure.

What i tried

  • Change failureRedirect

    to is /loginFailed

    indeed redirected. So the input doesn't work.
  • Breakpoints console.log

    are not hit inside the function body either.
  • Calling done

    with done(null, {foo: "bar"})

    instead of true does not change anything.

It is worth noting

  • I'm using babel for ES6 support, but since this is the only bug and the breakpoints I can set (before passport.use

    ) display the expected values ​​for all variables, I don't think that's the problem.
  • The route .get()

    works as expected, displaying the form.

I have this in my bootstrap:

app.use(session({
    secret: "some-secret",
    resave: true,
    saveUninitialized: true
}));

app.use(passport.initialize());
app.use(passport.session());

passport.serializeUser((user, done) => done(null, {foo: "bar"}));

passport.deserializeUser((user, done) => done(null, {foo: "bar"}));

Here's the form I'm using (directly copied from the example )

<form action="/login" method="post">
    <div>
        <label>Username:</label>
        <input type="text" name="username"/>
    </div>
    <div>
        <label>Password:</label>
        <input type="password" name="password"/>
    </div>
    <div>
        <input type="submit" value="Log In"/>
    </div>
</form>

I have no idea what is wrong here. Would be grateful for any help.

+3


source to share


1 answer


You need to use something to parse the POST body.

A passport is meant to do literally one thing: authenticate requests. It delegates all other functions, including parsing the body of a POST application. They say this in their review , but it's easy to underestimate the implications.



They come back to the topic in the Middleware section of the Configure page , so I recommend reading that.

I am using a module body-parser

to handle it (read about it here ).

+4


source






More articles:


All Articles