All geek questions in one place

Passport and JWT

So I managed to get a passport-twitter working with the jsonwebtoken library, but in order for it to work correctly, I have to use the express session as middleware. I do not want to add a session because I use jsonwebtoken to return a token.

Here is the code autheticate.js

router.get('/twitter', function(req, res, next){ passport.authenticate('twitter', {session: false}, function(err, user, info){ if(err){ return next(err); } if(user){ var token = createToken(user); console.log(token); return res.json({token: token}); } else { return res.status(401).json(info); } })(req, res, next); });

I already added session: false as an argument, but on server.js it saves the flattening error that I need to use express-session.

server.js

 var express = require('express'); var path = require('path'); var logger = require('morgan'); var bodyParser = require('body-parser'); var mongoose = require('mongoose'); var passport = require('passport'); var session = require('express-session'); var config = require('./config'); mongoose.connect('mongodb://localhost', function() { console.log("Connected to the database"); }) require('./passport')(passport); var app = express(); var authenticate = require('./routes/authenticate')(app, express, passport); var api = require('./routes/api') (app, express, passport); // uncomment after placing your favicon in /public //app.use(favicon(__dirname + '/public/favicon.ico')); app.use(logger('dev')); app.use(bodyParser.json()); app.use(bodyParser.urlencoded({ extended: false })); app.use(session({ secret: config.TOKEN_SECRET, resave: true, saveUninitialized: true, })); app.use(express.static(path.join(__dirname, 'public'))); app.use(passport.initialize()); app.use('/auth', authenticate); app.use('/api', api); app.get('*', function(req, res) { res.sendFile(__dirname + '/public/app/views/index.html'); }); app.listen(3000, function(err) { if(err) { return res.send(err); } console.log("Listening on port 3000"); });

Therefore, whenever I delete app.use (session ()) and try to authenticate using passport-twitter. I will get this error

Oauth Strategy error requires app.use (express-session));

I know that the obvious solution is to add this line, but I don't want to use a session. Does Oauth 0.1 need to use a session?

+5
source share
1 answer

Passports Based on OAuth strategies, session middleware is used to track the login process. You don't need to use session middleware for anything else, just base your authentication on your token and ignore the session.

+2
source

Source: https://habr.com/ru/post/1215884/

More articles:


All Articles