Then we'll try to add our authentication middleware to it. This strategy lets you authenticate users in your Node.js applications using a username and password.įor using the Local Authentication Strategy, we need to install the passport-local module:īut wait: Before you fire up your terminal and start executing these commands, let's start by building an Express app from scratch and adding some routes to it (for login, registration, and home).
In this tutorial, we will use the Local Authentication Strategy of Passport and authenticate the users against a locally configured MongoDB instance, storing the user details in the database. All these strategies are independent of each other and packaged as separate node modules which are not included by default when you install Passport's middleware: npm install passport. to authenticate with your social media accounts.īut don't worry: you don't need to include any strategy that your application does not need. You can authenticate against a local or remote database instance or use the single sign-on using OAuth providers for Facebook, Twitter, Google, etc. Passport provides us with 500+ authentication mechanisms to choose from.
We'll secure the app by adding routes to it and authenticating some of those routes. This tutorial assumes a basic understanding of Node.js and the Express framework to keep the focus on authentication, although we do create a sample Express app from scratch. It allows Passport to be easily configured into any Express-based web application, just like we configure other Express middleware such as logging, body-parsing, cookie-parsing, and session-handling. Passport's documentation describes it as a "simple, unobtrusive authentication middleware for Node" and rightly so.īy providing itself as middleware, Passport does an excellent job at separating the other concerns of a web application from its authentication needs. In this tutorial, we will develop a Node.js application from scratch and use the popular authentication middleware Passport to take care of our authentication concerns.
0 kommentar(er)
