Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Strange behavior for passport.authenticate() function

See original GitHub issue

Hi there!

I’m trying koa-passport and discovered a strange behavior on passport.authenticate() function call. This function does return next() and this breaks my actions sequence (see details below). If I change return next() in koa-passport lib to return, everything works just fine (at least as I expect it to be).

Can anyone advice on this and help me to clarify if there is a bug or I’m just doing something wrong?

My example application code that makes output located at: https://gist.github.com/Brozish/69e8147f323bbb044f3efd21e5d0df2f

create file version.js and copy example application code

yarn init
yarn add koa koa-router koa-bodyparser koa-passport passport-jwt mongoose winston
node version.js

Query application with curl or similar tool to see output:

curl -X GET \
  http://localhost:3000/users \
  -H 'Authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjViZmQwNTYwYWZmZjcxMjBmOTBkZTY4NSIsImVtYWlsIjoiaXNzdWVAaXNzdWUuaXNzdWUiLCJpYXQiOjE1NDMzMDg2NTcsImV4cCI6MTU3NDg0NDY1N30.RuyTMiiZRS6j8XhWPzPSKL4jacn2aRnaWLQQ6K5z9F7aWQgBoehl-1eXddRy_QfSxRF4cILPUhSWa1PnK78ocg' \
  -H 'cache-control: no-cache'

My application console output if koa-passport does return next() (wrong actions sequence):

  • startAuth
  • beforeKoaPassport
  • jwtStrategy
  • startGetUsers
  • endGetUsers
  • afterKoaPassport
  • endAuth

My application console output if koa-passport does return (everything is OK):

  • startAuth
  • beforeKoaPassport
  • jwtStrategy
  • afterKoaPassport
  • endAuth
  • startGetUsers
  • endGetUsers

Koa-passport lib code that breaks my app can be found at: https://github.com/rkusa/koa-passport/commit/116fa48e2ca0ee6ac362f8b91e44e8e52a4ef30a

git blame ./lib/framework/koa.js --date=short -L 14 116fa48e (rkusa 2015-11-20 149) return next()

My full application code: https://bitbucket.org/Brozish/node.js/src/master/

Any help on this subject would be appreciated. If this is a bug, I would be happy to make a pull request or being mentioned in commit with a fix.

Issue Analytics

  • State:closed
  • Created 5 years ago
  • Reactions:3
  • Comments:8 (3 by maintainers)

github_iconTop GitHub Comments

3reactions
ghostcommented, Jan 23, 2019

For those who don’t like this piece of code:

router.get(
  '/users',
  passport.authenticate('jwt', { session: false }),
  auth,
  getUsers
);

You can try something like this:

const passport = require('koa-passport');

const privateRoute = (ctx, next) => {
  return passport.authenticate('jwt', { session: false }, async (err, user) => {
    if (err || !user) {
      ctx.throw(401, 'Unauthorized');
    } else {
      await ctx.login(user);
      await next();
    }
  })(ctx);
};

And then use it like this:

router.get(
  '/users',
  privateRoute,
  getUsers
);

I was trying to find such solution for 5 hours. I guess i need to leave it here, maybe it will help somebody in the future.

3reactions
devt3000commented, Nov 28, 2018

Weird, my JWT strategy isn’t being executed. Maybe this is a fix?

Read more comments on GitHub >

github_iconTop Results From Across the Web

passport.js successful authentication not calling next()
I am using passport.js for authentication. It seems that upon successful authentication, passport does not call next() , so my Express route is ......
Read more >
Everything you need to know about the `passport-local ...
In this post, I am going to walk through why the passport-local authentication strategy is a simple, secure solution for small teams and ......
Read more >
The Ultimate Guide to Passport JS - DEV Community ‍ ‍
authenticate() method (used as middleware here) will execute the callback that you have defined and supply it with the username and password ......
Read more >
Documentation: Middleware - Passport.js
authenticate() is middleware which will authenticate the request. By default, when authentication succeeds, the req.user property is set to the authenticated ...
Read more >
The Ultimate Guide to Passport JS - Zach Gollwitzer
get() function. The Express application first checked to see if there was any "global" middleware installed on the router, but it didn't find...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Amend co-authors on a commit?

Next page

passport.deserializeUser not called when session uses external session storage