How to use passport-local - 10 common examples
To help you get started, we’ve selected a few passport-local examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
chingu-voyage5 / BitHelper / config / passport.js View on Github 
});
}
}
);
});
}
)
);
// =========================================================================
// LOCAL SIGNUP ============================================================
// =========================================================================
passport.use(
"local-signup",
new LocalStrategy(
{
// override with email instead of email instead of userame
usernameField: "email",
passwordField: "password",
passReqToCallback: true // allows us to pass back the entire request to the callback
},
function(req, email, password, done) {
// asynchronous
// User.findOne wont fire unless data is sent back
process.nextTick(function() {
// find a user whose email is the same as the forms email
// we are checking to see if the user trying to login already exists
User.findOne(
{
"email": email
},// Middlewares
const tokenMiddleware = require('./middlewares/token')
app.use('/token', tokenMiddleware)
// Normal Routes
app.use('/', api)
app.use('/auth', apiAuth)
app.use('/api/accounts', apiAccounts)
app.use('/api/books', apiBooks)
// -----------------------------------------------------------------------------
// PASSPORT
// -----------------------------------------------------------------------------
// Local
passport.use(new LocalStrategy(Account.authenticate()))
// GitHub
passport.use(new GitHubStrategy({
clientID: process.env.GITHUB_CLIENT_ID,
clientSecret: process.env.GITHUB_CLIENT_SECRET,
callbackURL: process.env.GITHUB_CALLBACK,
passReqToCallback: true
},
providers.github))
// Facebook
passport.use(new FacebookStrategy({
clientID: process.env.FACEBOOK_APP_ID,
clientSecret: process.env.FACEBOOK_APP_SECRET,
callbackURL: process.env.FACEBOOK_CALLBACK,
profileFields: ['id', 'displayName', 'photos', 'email'],module.exports = function initLocalStrategy(we) {
// - Local
passport.use(new LocalStrategy(
we.config.passport.strategies.local
, function findUserAndValidPassword(email, password, done) {
// build the find user query
var query = { where: {}};
query.where[we.config.passport.strategies.local.usernameField] = email;
// find user in DB
we.db.models.user.find(query).then (function (user) {
if (!user) {
return done(null, false, { message: 'auth.login.wrong.email.or.password' });
}
// get the user password
user.getPassword().then(function (passwordObj) {
if (!passwordObj) return done(null, false, { message: 'auth.login.user.dont.have.password' });
passwordObj.validatePassword(password, function (err, isValid) {
if (err) return done(err);import jwt from 'jsonwebtoken';
import PassportLocalStrategy from 'passport-local';
import { User } from 'common/databases/admin';
import { auth } from 'common/config';
/**
* Return the Passport Local Strategy object.
*/
const LoginStrategy = new PassportLocalStrategy({
usernameField: 'username',
passwordField: 'password',
session: false,
passReqToCallback: true,
}, (req, username, password, done) => {
const userData = {
username: username.trim(),
password: password.trim(),
};
// find a user by email address
return User.findOne({ username: userData.username, isConfirmed: true, isActive: true }, (err, user) => {
if (err) {
return done(err);
}// we use single refreshtoken so other will be reject when we login again
import passport from 'passport'
// can be facebook, google...
import LocalStrategy from 'passport-local'
import models from 'models'
import {comparePassword} from 'passport/password-crypto'
// extend strategy
passport.use(new LocalStrategy(async (email, password, done) => {
const row = await models.authors.findOne({
where:{
email,
},
attributes: ['id', 'name', 'email', 'image', 'introduction', 'description', 'encrypted_password']
})
if(row){
// row is just instance, because we await for it, but dataValues are ready as pure json
const {encrypted_password, image, ...user} = row.dataValues
const checkPassword = await comparePassword(password, encrypted_password)
if(checkPassword) {
// update full image for user
user.avatar = `/uploads/author/image/${user.id}/${image}`import passport from 'passport';
import LocalStrategy from 'passport-local';
import { Strategy as JWTStrategy, ExtractJwt } from 'passport-jwt';
import User from '../modules/users/user.model';
import constants from '../config/constants';
// Local strategy
const localOpts = {
usernameField: 'email',
};
const localStrategy = new LocalStrategy(
localOpts,
async (email, password, done) => {
try {
const user = await User.findOne({ email });
if (!user) {
return done(null, false);
} else if (!user.authenticateUser(password)) {
return done(null, false);
}
return done(null, user);
} catch (e) {
return done(e, false);
}
},
);import { User } from '../../models/User';
interface IRequest extends express.Request {
user?: {
dataValues: object;
};
session: {
[key: string]: object;
destroy(): void;
};
}
// tslint:disable-next-line export-name
export const auth = express();
const strategy = new LocalStrategy(
{ usernameField: 'email' },
(username: string, password: string, done: (a, b, c?) => void) => {
User.findOne({
where: {
email: username,
},
}).then(user => {
if (user && user.isPasswordMatch(password)) {
return done(null, user);
} else {
return done(null, false, { message: 'Wrong email or password' });
}
});
}
);return done(null, newUser);
});
}
});
});
}));
// # Local Login
// We are using named strategies since we have one for login and one
// for signup
// By default, if there is no name, it would just be called 'local'
passport.use('local-login', new LocalStrategy({
// By default, local strategy uses username and password
usernameField : 'email',
passwordField : 'password',
// Allow the entire request to be passed back to the callback
passReqToCallback : true
},
(req, username, password, done) => {
// ## Data Checks
// If the length of the username string is too long/short,
// invoke verify callback.function MongoDBStrategy(dbUrl, apiKey, dbName, collection) {
this.dbUrl = dbUrl;
this.apiKey = apiKey;
this.dbName = dbName;
this.collection = collection;
this.baseUrl = this.dbUrl + '/databases/' + this.dbName + '/collections/' + collection + '/';
// Call the super constructor - passing in our user verification function
// We use the email field for the username
LocalStrategy.call(this, { usernameField: 'email' }, this.verifyUser.bind(this));
// Serialize the user into a string (id) for storing in the session
passport.serializeUser(function(user, done) {
done(null, user._id.$oid); // Remember that MongoDB has this weird { _id: { $oid: 1234567 } } structure
});
// Deserialize the user from a string (id) into a user (via a cll to the DB)
passport.deserializeUser(this.get.bind(this));
// We want this strategy to have a nice name for use by passport, e.g. app.post('/login', passport.authenticate('mongo'));
this.name = MongoDBStrategy.name;
}function MongoDBStrategy(dbUrl, apiKey, dbName, collection) {
this.dbUrl = dbUrl;
this.apiKey = apiKey;
this.dbName = dbName;
this.collection = collection;
this.baseUrl = this.dbUrl + '/' + this.dbName + '/collections/' + collection + '/';
// Call the super constructor - passing in our user verification function
// We use the email field for the username
LocalStrategy.call(this, { usernameField: 'email' }, this.verifyUser.bind(this));
// Serialize the user into a string (id) for storing in the session
passport.serializeUser(function(user, done) {
done(null, user._id.$oid); // Remember that MongoDB has this weird { _id: { $oid: 1234567 } } structure
});
// Deserialize the user from a string (id) into a user (via a cll to the DB)
passport.deserializeUser(this.get.bind(this));
// We want this strategy to have a nice name for use by passport, e.g. app.post('/login', passport.authenticate('mongo'));
this.name = "mongo";
}passport-local
Local username and password authentication strategy for Passport.
