I am confused about what Passport.js strategies to use in my web app made with:
Node.JS
Express
Angular
What are the differences between:
Passport-local,
Passport-http-bearer,
Passport-jwt?
Thank you so much!
the difference is authorization strategy use choose, nothing else. passport js will work same way for each of them. the simplest one is passport-local strategy
Related
I am new to Node Js and Currently working on a project with Express Js. I discover that User and can be achieved either through the Passport library or JSONWebTokens(JWT). So i was wondering which is the better option and why?
You can actually use them together. However, in short, passport is a module with many 'strategies' to help you authenticate users with multiple platforms. Passport-JWT is a strategy you could use as the auth strategy. This makes it easy when you use multiple ways to authenticate with your application. E.g. google, facebook, jwt, etc.
I'm building an API using Nodejs/express and exploring different ways to implement authentication/authorization.
I've come across two packages which seem to do similiar things:
Passport with jwt strategy
and
jsonwebtoken
I really don't understand the difference between the two, but passport seems a lot more complicated. I know these kind of questions generally don't fair well on stack-overflow but i genuinely don't understand the difference between the two but it seems passport is generally better received? Can somone explain whether or not these packages truly accomplish the same goal or if there's a reason to use one over the other?
Thanks.
Passport is "Passport is authentication middleware for Node.js. Extremely flexible and modular" as they say it has lot's of strategies among that passport-jwt is one.
What Passport did is they brought all the different strategies together like google-auth Facebook-authentication local-authentication and so on .
jsonwebtoken is a strategy same as passport-jwt but it is individual & passport is group of strategies .
In my opinion you should learn passport as learning it you can use all kinds of strategies.A strategy is type of authentication .
Pardon me for my english hope you get it
Feathers auth provides only JWT authentication, even if strategy is local.
Should I make full custom middleware for express-session usage and clean passport implimentation just to achive regular sessions behaviour or there's some solutions for this purpose?
Also, I want to use passport.socketio for autheticate sockets aswell.
Using Feathers authentication module is entirely optional and you can always register your own middleware at any point like before and after a service. This means you can set up a normal Express session setup and then set req.feathers to the information from the session that you also want to pass to Feathers services (like the user). As you mentioned, you will have to do the same thing with websockets (which also allow setting handshake.feathers in its middleware).
A full tutorial how to set up sessions and using authentication can be found in the Using A View engine cookbook documentation.
I am wondering why I cannot find any AOR and passport auth code online? I found a ton of keystone and passport though... Is there a specific reason for that - the two should work well together, right?
You're right, there is no reason admin-on-rest would not work with passport -- however, there is a caveat:
It seems you are searching for a "passport + AOR" tutorial or guide, but one of the selling points of admin-on-rest is that it is truly agnostic to any authentication implementation. Therefore, you would implement a passport strategy of your choosing (jwt, oauth, http basic) within admin-on-rest's authClient.js
https://marmelab.com/admin-on-rest/Authentication.html
What is the best way to implement user login system for website in hapi.js framework ?
I have searched a lot through the internet but I still don't know which module I should use to implement such authentication. I prefer using passport but the documentation for passport and hapi is so brief. Can anyone suggest me any module? Or a detailed documentation for passport and hapi.js ?
Thank you
If you're looking to do basic authentication, take a look at hapi-auth-basic. Alternately, you may wish to look at hapi-auth-cookie.
If you're looking for third-party login via oAuth there is Bell.
For more on authentication with Hapi take a look at the tutorial on hapijs.com.