Passport.js strategy with no field required

2019-05-07 03:41发布

站内问答 / 移动开发
929 1 3

I'm surprised that it's so hard to find, or maybe something wrong with me.

I need a passport.js strategy that requires no fields - to run authentication with it on simple user GET request to '/' and manipulate user session data to, for example, make a new 'guest' user.

Maybe i can do this via passport local-strategy? Or am i need to create a custom one?

I saw this Configure Passport to accept request without body? question, yet i just simply can't figure out how the suggested in answer wrapping will change anything.

Edit: here's what I'm trying to achieve

 passport.use('guest', new LocalStrategy({
    passReqToCallback: true
},
function (req, NOusername, NOpassword, done) {
////NO PASSWORD OR USERNAME checks here, just deciding what kind of temporary user needs to be created///
if (req.session.passport) {
  ///create new user with previous session data
  done(null,user)
}
else {
   ///create clean user
   done(null, user)
})
)

and then in routes.js 

app.get('/', passport.authenticate('guest'), function (req, res) {        
    res.render('PeerRoom.ejs', req.user);        
});

1条回答
在下西门庆
2楼-- · 2019-05-07 04:13

Edit: Another approach could be using req.logIn and skip dealing with the strategies altogether

app.get('/', yourCustomGuestAuthenticationMiddleware, function (req, res) {        
    res.render('PeerRoom.ejs', req.user);        
});
function yourCustomGuestAuthenticationMiddleware(req, res, next){
    // No need to do anything if a user already exists.
    if(req.user) return next();

    // Create a new user and login with that
    var user = new User({name: 'guest'+Math.random().toString() });
    user.save();
    req.logIn(user, next);
}

To make a new guest user, simply do it instead of rejecting an authentication

Here's a modified example from the docs

var passport = require('passport'),
    LocalStrategy = require('passport-local').Strategy;

passport.use(new LocalStrategy(
    function(username, password, done) {
        User.findOne({ username: username }, function(err, user) {
            if (err)  return done(err);
            if (!user) {

                /* HERE, INSTEAD OF REJECTING THE AUTHENTICATION */
                // return done(null, false, { message: 'Incorrect username.' });

                /* SIMPLY CREATE A NEW USER */
                var user = new User({ name: 'guest'+Math.random().toString() });
                user.save();
                /* AND AUTHENTICATE WITH THAT */
                return done(null, user);

            }
            if (!user.validPassword(password)) {
                return done(null, false, { message: 'Incorrect password.' });
            }
            return done(null, user);
        });
    }
));
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(3)