Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

is it possible to use koa-passport without session?

See original GitHub issue

Hello, just building a restful api for an ios application, i was trying to use json web token to authenticate all my api end points…

ended up hitting a snag

// callback version
passport.use(new LocalStrategy({session: false},
  function(username, password, done) {
    pool.getConnection(function(connectionError, connection) {
      console.log('connection error', connectionError);
      const q = {};
      q.sql = 'SELECT ?? FROM ?? WHERE ?? = ?';
      q.values = ['userPwHash', 'user', 'userName', username];
      connection.query(q, function(err, rows) {
        console.log('query error', err);
        console.log('rows', rows);
        if (err) {return done(err); }
        if (!rows.length) {
          return done(null, false, {message: 'Incorrect username.'});
        }
        const dbpwhash = rows[0].userPwHash;
        bcrypt.compare(password, dbpwhash, function(hashError, match) {
          console.log('hasherror', hashError);
          if (match) { return done(null, {userName: username}); }
          if (!match) {return done(null, false, {message: 'Incorrect password.'}); }
        });
        connection.close();
      });
      // pool.end();
    });
  }
));

Error: Failed to serialize user into session

i was wondering if session is required or how i would go about using an auth token for authentication. thanks again!

Issue Analytics

State:
Created 8 years ago
Reactions:2
Comments:6 (1 by maintainers)

Top GitHub Comments

1reaction

devt3000commented, Nov 24, 2018

Hey, this didnt solve my issue though, #124 .

1reaction

thewillhuangcommented, Dec 19, 2015

@Globik this is how i did mine, granted it could be cleaner but it works

'use strict';

const passport = require('koa-passport');
const LocalStrategy = require('passport-local').Strategy;
const FacebookStrategy = require('passport-facebook').Strategy;
const BearerStrategy = require('passport-http-bearer').Strategy;
const StripeStrategy = require('passport-stripe').Strategy;
const query = require('./query');
const validatePw = require('./validatePassword');
const genHash = require('./genHash');
const jwt = require('./jwt');

// custom error functions
function NoAccountError(message) {
  this.message = message;
  this.name = 'NoAccountError';
  Error.captureStackTrace(this, NoAccountError);
}
NoAccountError.prototype = Object.create(Error.prototype);
NoAccountError.prototype.constructor = NoAccountError;

function EmailTaken(message) {
  this.message = message;
  this.name = 'EmailTaken';
  Error.captureStackTrace(this, EmailTaken);
}
EmailTaken.prototype = Object.create(Error.prototype);
EmailTaken.prototype.constructor = EmailTaken;

function UserExist(message) {
  this.message = message;
  this.name = 'UserExist';
  Error.captureStackTrace(this, UserExist);
}
UserExist.prototype = Object.create(Error.prototype);
UserExist.prototype.constructor = UserExist;

// local strategy -- login
passport.use(new LocalStrategy({
  usernameField: 'email',
  passwordField: 'password',
  session: false,
},
  function (email, password, done) {
    const q = {};
    q.sql = 'SELECT ??, ?? FROM ?? WHERE ?? = ?';
    q.values = ['userPwHash', 'userID', 'User', 'email', email];
    query(q).bind({}).then(function (result) {
      // console.log(result);
      if (result.rows.length === 0) { throw new NoAccountError('no such user found'); }
      this.userID = result.rows[0].userID;
      return validatePw(password, result.rows[0].userPwHash);
    }).then(function (isMatch) {
      // console.log(this.userID);
      return !isMatch ?
        this.done = [false, { message: 'incorrect password' }] :
        this.done = [
          { email, scope: { userID: this.userID } },
          { message: 'Auth Success' },
        ];
    }).catch(NoAccountError, function () {
      this.done = [false, { message: 'incorrect email' }];
    }).catch(function (e) {
      console.log(e);
      this.done = [false, { message: e }];
    }).then(function () {
      return this.done;
    }).asCallback(done, { spread: true });
  }
));

Top Results From Across the Web

How to use the koa-passport.session function in koa ... - Snyk

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues...

User Authentication with Passport and Koa - Michael Herman

This tutorial looks at how to set up a local authentication strategy with Node, Koa, and koa-passport, where users can sign up and...

using koa and passport for authenication - Stack Overflow

I'm using koa and passport trying to implement middleware to prevent access to URIs when not authenticated. var koa = require('koa'); var ...

Node JS with Passport Authentication simplified - Medium

The primary “Passport JS” library is always required, and is used to maintain session information for authenticated users (i.e. you will import this...

koa-passport - npm

Passport middleware for Koa. Latest version: 5.0.0, last published: 5 months ago. Start using koa-passport in your project by running `npm i ...