0

I am trying to create a passport remember me strategy but I am not sure how to call it. My overall strategy is to store two tokens in my database and as cookies on the client's computer and compare them to verify that they are real users. I am currently attempting to pass app.use a passport.authenticate strategy so that I can verify success or failure using my strategy.

In my app.js file I have:

    passport.use('rememberMe', new passportLocal.Strategy({ passReqToCallback: true },
      (req, cb) => {
        //check req.cookies['token']...
        return cb(null, (rememberMe.checkPersistance(req.cookies['token'], req.cookies['statictoken'])));
      }));

    app.use((req, res) => passport.authenticate('rememberMe'), (req, res) => {
      //successfully logged in!
    })

Note: rememberMe.checkPersistance does the comparison against the database and returns a true or false.

My problem is that I don't think I am using the app.use syntax correctly and I am not sure what the correct way to do it is. How do I use passport.authenticate when it isn't in a .POST function?

Rohit Saxena

2 Answers

0

I figured out the answer to this question, and overall I only had this problem because I didn't understand how .get and .post worked. For both, each function you pass it can pick up request, response, and next.

So you can replace .post with .get for most examples of passport you will see online. The difference between them is that post is designed to be sent data and then return something (like login information), while get is designed to be a way to query some information. Here is a more detailed explanation.

Rohit Saxena

0

Create a Schema for Tokens

    'use strict'
    const mongoose = require('mongoose'),
        Schema = mongoose.Schema;

    const TokenSchema = Schema({
        value: {
            type: String,
            required: true
        },

        user: {
            type: Schema.Types.ObjectId,
            ref: 'users',
            required: true
        }
    });

    module.exports = mongoose.model('token', TokenSchema);

Then define your strategy

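    const crypto = require('crypto');
    const passport = require('passport');
    const RememberMeStrategy = require('passport-remember-me').Strategy;
    const Token = require('./token'); // assumed path to the Token model defined above

    passport.use(new RememberMeStrategy(
        // verify: look up the token from the cookie and remove it (single use)
        function(token, done) {
            Token.findOneAndRemove({ value: token })
            .populate('user')
            .exec( function (err, doc) {
                if(err) return done(err);
                if(!doc) return done(null,false);
                return done(null, doc.user);
            });
        },
        // issue: generate and store a fresh random token for the user
        function(user, done) {
            crypto.randomBytes(64, (err, buf) => {
                if (err) return done(err);
                const value = buf.toString('hex');
                const token = new Token({
                    value: value,
                    user: user._id
                });
                token.save((err) => {
                    if (err) return done(err);
                    // the token is a credential, so it is not written to the log
                    return done(null, value);
                });
            });
        }
    ));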

I have found an issue: I can't log out after defining this strategy and checking the remember me box. I just want the login form to be autofilled when I come back, but it seems this module is useless; it does not have the behaviour I want.
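
As an added example (not code from the question or from either answer): one way to do the two-value cookie comparison the question describes, combined with the single-use token consumption shown in the second answer, using only Node's `crypto` module. The `store` Map (standing in for the database table), the `selector:validator` cookie format and all function names are assumptions made for illustration.

```javascript
const nodeCrypto = require('node:crypto');

// Constructed in-memory stand-in for the token table:
// selector -> { userId, validatorHash, expires }
const store = new Map();
const sha256 = (s) => nodeCrypto.createHash('sha256').update(s).digest();

// Issue a cookie value "selector:validator". Only the hash of the validator
// is stored, so a leaked table cannot be replayed as cookies.
function issueToken(userId, ttlMs = 30 * 24 * 3600 * 1000, now = Date.now()) {
  const selector = nodeCrypto.randomBytes(12).toString('hex');
  const validator = nodeCrypto.randomBytes(32).toString('hex');
  store.set(selector, { userId, validatorHash: sha256(validator), expires: now + ttlMs });
  return `${selector}:${validator}`;
}

// Check a cookie value. The stored row is removed on every lookup (single use);
// on success a replacement cookie value is returned for the next visit.
function consumeToken(cookie, now = Date.now()) {
  if (typeof cookie !== 'string') return null;
  const [selector, validator, ...rest] = cookie.split(':');
  if (!selector || !validator || rest.length) return null;
  const row = store.get(selector);
  if (!row) return null;
  store.delete(selector);
  if (row.expires <= now) return null;
  // Both buffers are 32-byte SHA-256 digests, so timingSafeEqual cannot throw.
  if (!nodeCrypto.timingSafeEqual(sha256(validator), row.validatorHash)) return null;
  return { userId: row.userId, nextCookie: issueToken(row.userId, undefined, now) };
}

// Logout: drop every stored token for the user so that a cookie left in the
// browser no longer matches anything on the server.
function revokeUser(userId) {
  for (const [selector, row] of store) {
    if (row.userId === userId) store.delete(selector);
  }
}
```

In an Express app the cookie carrying this value would also be cleared on logout and set with the `httpOnly` and `secure` options.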