First, i have this in my route, i need to use Passport to Authenticate the User Sign Up Process :
router.post('/user/signup', passport.authenticate('local.signup',{
successRedirect: '/user/profile',
failureRedirect: '/user/signup',
failureFlash: true
}));
I'm learning Node JS from Youtube Video, in the tutorial, there is a step to create Folder called "config", and inside the "config" folder, there is a file called "passport.js".
The problem is, there is "req" parameter inside one of the function in this "passport.js". When i try to run my program, there is an error that said, "req is not defined". this is the source code of "passport.js" :
var express = require('express');
var passport = require('passport');
var User = require('../models/user');
var LocalStrategy = require('passport-local').Strategy;
passport.serializeUser(function(user, done){
done(null, user.id);
});
passport.deserializeUser(function(id, done){
User.findById(id, function(err, user){
done(err, user);
});
});
passport.use('local.signup', new LocalStrategy({
usernameField: 'email',
passwordField: 'password',
passReqToCallBack: true
}, function(req, email, password, done){ //here is the problem
console.log('REQ :');
console.log(req);
console.log('password :');
console.log(email);
console.log('email :');
console.log(password);
console.log('done :');
console.log(done);
req.checkBody('email','Invalid Email').notEmpty().isEmail();
req.checkBody('password','Invalid password').notEmpty().isLength({min:4});
var errors = req.validationErrors();
if(errors){
var message = [];
errors.forEach(function(error){
message.push(error.msg);
});
return done(null, false, req.flash('error', messages));
}
User.findOne({'email': email}, function(err, user){
if(err){
return done(err);
}
if(user){
return done(null, false, {message: 'Email is already in use.'});
}
var newUser = new User();
newUser.email = email;
newUser.password = newUser.encryptPassword(password);
newUser.save(function(err, result){
if(err){
return done(err);
}
return done(null, newUser);
});
});
}));
How to bring the req to fill the parameter in the passport.js ?
The parameter is called passReqToCallback, not passReqToCallBack (notice that the b needs to be lower-case).
Related
I am making a admin which will request just for a certain passport.
But when I type it I cannot log in ? How can I solve it ?
const mongoose = require('mongoose');
const UserSchema = mongoose.Schema({
password:{
type: String,
required: true
}
});
const User = module.exports = mongoose.model('User', UserSchema);
In my command line, I created a users collectin and inserted a password:'sifre'
This is my password.js :
const LocalStrategy = require('passport-local').Strategy;
const User = require('../models/user');
const config = require('../config/database');
const bcrypt = require('bcryptjs');
module.exports = function(passport){
// Local Strategy
passport.use(new LocalStrategy(function(password){
let query = {password:password};
User.findOne(query, function(err, user){
if(err) throw err;
if(!user){
return done(null, false, {message: 'No user found'});
}
/*Also I have tried:
// Match Username
let query = {username:username};
User.findOne(query, function(err, user){
if(err) throw err;
if(!user){
return done(null, false, {message: 'No user found'});
} */
/* to understand if it is about user name. Even I added username to models, db.collections
and other code pages but I couldnt solve. Because again
I couldnt reflect the models to db, I think.*/
// Match Password
bcrypt.compare(password, user.password, function(err, isMatch){
if(err) throw err;
if(isMatch){
return done(null, user);
} else {
return done(null, false, {message: 'Wrong password'});
}
});
});
}));
passport.serializeUser(function(user, done) {
done(null, user.id);
});
passport.deserializeUser(function(id, done) {
User.findById(id, function(err, user) {
done(err, user);
});
});
}
Also this is my user.js:
const express = require("express");
const router = express.Router();
const bcrypt = require('bcryptjs');
const passport = require('passport');
let User = require('../models/user');
// Register Form
router.get('/login', function(req, res){
const password = req.body.password;
req.checkBody('password', 'Password is required').notEmpty();
let errors = req.validationErrors();
res.render('login');
});
router.post('/login', function(req, res, next){
passport.authenticate('local', {
successRedirect:'/',
failureRedirect:'/users/login',
failureFlash: true
})(req, res, next);
});
// logout
router.get('/logout', function(req, res){
req.logout();
req.flash('success', 'You are logged out');
res.redirect('/login');
});
module.exports = router;
And also this is my command line
db.createCollection('users');
...
db.users.insert{(password:'123'});
...
So how can I implement the inserted password to these code blocks. I cannot understand why it is not working. For now I dont get any errors but when I type that inserted password, I cannot move to user page.
Edit:
bcrypt.compare(password, user.password, function(err, isMatch){
console.log("asd");
if(err) throw err;
if(isMatch){
return done(null, user);
} else {
return done(null, false, {message: 'Wrong password'});
}
});
});
}));
This part is not working.(which is in passport.js)
Also I cannot entegrate the module(user.js) o my mongodb.
I'm trying to get a handle on user authentication with PassportJS, and I cannot get it to work my database setup.
I'm using MongoDB without Mongoose, and I can't get the LocalStrategy module to work.
Hopefully my database queries aren't too cumbersome to read.
Local Strategy:
passport.use(new LocalStrategy(
function(username, password, done) {
//Fire up database
mongo.connect("mongodb://localhost:27017/formulas", function(e, db) {
if (e) {return next(e);}
var col = db.collection("users");
//Do a database query to find a record by username
col.findOne({"username": username}, function(err, user){
if (err) { return done(err);}
if(!user) {
return done(null, false, { message: "Please check your log in credentials." });
}
//if it exists call done() object with user information
bcrypt.compare(password, user.password, function(err, res){
if (err) throw err;
if (res == true) {
return done(null, {username: username, password: password});
} else {
return done(null, false, { message: "Invalid password."});
}
});
});
});
}));
I call passport.authenticate() like this:
router.post('/login',
passport.authenticate('local', {successRedirect:'/', failureRedirect:'/about',failureFlash: false}),
function(req, res){
console.log(req.body);
console.log(req.user);
console.log("The user was logged");
});
SerializeUser and deserializeUser look like this:
passport.serializeUser(function(user, done) {
done(null, user.username);
});
passport.deserializeUser(function(id, done) {
mongo.connect("mongodb://localhost:27017/formulas", function(e, db){
if (e) {return next(e);}
var col = db.collection("users");
col.findOne({"username": id}, function(err, user){
done(err, {"username": id});
});
});
});
When I call app.post(/login) I'm taken directly to /about and nothing is logged to the console so I'm not quite sure what's going wrong.
Advice on what to fix or how to troubleshoot is greatly appreciated.
Firstly when u serialize user object , then in deserialize also whole user object must be passed.
Consider the example below.
For routes :
router.post('/login', function(req, res, next) {
passport.authenticate('local', function(err, user, info) {
if (err) { return next(err); }
if (!user) { return res.redirect('/login'); }
req.logIn(user, function(err) {
if (err) { return next(err); }
req.session.user = req.user;
return res.redirect('/home');
});
})(req, res, next);
});
For passport.js , place the localstrategy and passport in same folder
var passport = require('passport'),
session = require('express-session');
var local = require('./localstrategy.js');
module.exports = function (app) {
app.use(session({
secret: 'Site visit',
resave: true,
saveUninitialized: true,
cookie: { secure: false }
}));
app.use(passport.initialize());
app.use(passport.session());
passport.serializeUser(function(user, done){
done(null, user);
});
passport.deserializeUser(function(user, done){
done(null, user);
});
local();
};
For local strategy :
'use strict';
var passport = require('passport'),
local = require('passport-local').Strategy;
var user;
// path where the db.js is placed
var db = require('./../db.js');
var ObjectId = db.getObjectID();
var bcrypt = require('bcrypt');
module.exports = function(){
passport.use(new local({
usernameField : 'username',
passwordField : 'password'
}, function(username, password, done){
var collection = db.getDb().collection('users');
collection.findOne({
username: username,
}, function (err, result) {
if(result == null){
cb(null, false);
}else {
bcrypt.compare(password, result.password, function (err, passRes) {
if (passRes == true) {
user = user;
done(err, user);
}else{
done(null, false, { message : 'Invalid Password'});
}
});
}
});
}));
};
I'm trying to confirm users email addresses by sending an activator code to their email address. when user clicked on activator URL (GET method), server will compare activator code + username and try to handle it.
I'm using GET method like this:
router.get('/activator/:username/:activator', function(req, res, next){
passport.authenticate('activator', function(err, user, info){
if (err) {console.log('Error info: ', info);}
else if (!user) {console.log('User not found: ' , info)}
else {console.log('User activated')}
res.redirect('/');
})(req, res, next)
});
And activator.js is:
var LocalStrategy = require('passport-local').Strategy;
var User = require('../models/user');
module.exports = function(passport){
passport.use('activator', new LocalStrategy({
usernameField: 'username',
passwordField: 'activator'
},
function(username, password, done) {
User.findOne({username: username , activator: password},
function(err, user){
if (err){
return done(null, false, 'User not found.');
}
user.activate = true;
user.save(function (err) {
if (err) return handleError(err);
return done(null, user, 'Persistence Registration successful');
});
});
})
);
};
But server response is: { message: 'Missing credentials'}
It seems passport js and GET method params has some conflicts.
Am i right? what should i do for that?
Problem solved!
As I said, problem was for GET method & passport connection.
passport function only read from req.query which is only on POST method but GET method is using req.params.
So I changed my application code to :
router.get('/activator/:username/:activator', function(req, res, next){
req.query = req.params; // GET to POST simulator!
passport.authenticate('activator', function(err, user, info){
if (err) {console.log('Error info: ', info);}
else if (!user) {console.log('User not found: ' , info)}
else {console.log('User activated')}
res.redirect('/');
})(req, res, next)
});
your Strategy fields are not valid, replace it with email and password and send same parameters from client side
module.exports = function(passport) {
passport.use('activator', new LocalStrategy({
usernameField: 'email',
passwordField: 'password',
},
function(username, password, done) {
User.findOne({
username: username,
activator: password
},
function(err, user) {
if (err) {
return done(null, false, 'User not found.');
}
user.activate = true;
user.save(function(err) {
if (err) return handleError(err);
return done(null, user, 'Persistence Registration successful');
});
});
}));
};
I am running into an issue where I am trying to access my passport functions from my separate config file, but it doesn't appear that passport is being exposed when I require the file in my routes file. The error is occurring at .post(passportConfig.authenticate('local-login', {
Error:
has no method 'authenticate'
at Object. (/Users/user/Desktop/Projects/node/user-app/app/controllers/site-routes.js:68:23)`
passport.js (Passport authentication logic):
module.exports = function(passport){
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
var models = require('../models/db-index');
/*==== Passport Configuration ====*/
// Serialize sessions
passport.serializeUser(function(user, done) {
console.log(user.user_id + "Serializing");
done(null, user.user_id);
});
passport.deserializeUser(function(user_id, done) {
models.User.findById(user_id).then(function(user){
done(null, user);
}).error(function(err){
done(err, null);
});
});
//Login Logic
passport.use('local-login', new LocalStrategy({
usernameField: 'email',
passwordField: 'password',
passReqToCallback: true
},
function(req, email, password, done){
models.User.findOne({ where: { email : email }}).then(function(user) {
if (!user) {
done(null, false, req.flash('loginMessage', 'Unknown User'));
} else if (!user.validPassword(password)) {
done(null, false, req.flash('loginMessage', 'Wrong password'));
} else {
done(null, user);
}
}).catch(function(e) {
done(null, false, req.flash('loginMessage', e.name + " " + e.message));
});
}));
//Sign up Logic
passport.use('local-signup', new LocalStrategy({
usernameField: 'email',
passwordField: 'password',
passReqToCallback: true
}, function(req, email, password, done){
models.User.findOne({ where: { email: email }}).then(function(existingUser){
if (existingUser)
return done(null, false, req.flash('loginMessage', 'That email is already taken.'));
if (req.user) {
var user = req.user;
user.email = email;
user.password = models.User.generateHash(password);
user.save().catch(function (err){
throw err;
}).then(function(){
done(null, user);
});
} else {
var newUser = User.build({
email: email,
password: models.User.generateHash(password)
});
newUser.save().then(function(){ done(null, newUser);
}).catch(function(err){
done(null, false, req.flash('loginMessage', err));
});
}
}).catch(function(e){
done(null, false, req.flash('loginMessage',e.name + " " + e.message));
})
}));
};
site-routes.js:
var express = require('express');
var siteRoutes = express.Router();
var path = require('path');
var passportConfig = require(path.resolve(__dirname, '..', '..','./config/passport.js'));
var models = require('../models/db-index');
/*==== Index ====*/
siteRoutes.get('/', function(req, res){
res.render('pages/index.hbs');
});
siteRoutes.get('/flash', function(req, res){
req.flash('test', 'it worked');
res.redirect('/')
});
/*==== Login ====*/
siteRoutes.route('/login')
.get(function(req, res){
res.render('pages/login.hbs');
})
.post(passportConfig.authenticate('local-login', {
successRedirect: '/app',
failureRedirect: '/login',
failureFlash: 'Invalid username or password.'
}));
siteRoutes.route('/sign-up')
.get(function(req, res){
res.render('pages/sign-up.hbs');
})
.post(function(req, res){
models.User.create({
firstName: req.body.firstName,
lastName: req.body.lastName,
email: req.body.email,
password: req.body.password
}).then(function() {
res.redirect('/app');
//res.redirect('/sign-up/create-organization');
}).catch(function(error){
res.send(error);
})
});
module.exports = siteRoutes;
When you require config/passport.js, passportConfig will be initialized as a function, as you assigned a function to module.exports in your passport.js file. I'm referring to this line:
module.exports = function(passport){
What I'd do is to get rid of the function. Let the code execute and then assign passport to module.exports. .authenticate method is sitting on passport object.
Like this:
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
var models = require('../models/db-index');
/*==== Passport Configuration ====*/
// Serialize sessions
passport.serializeUser(function(user, done) {
console.log(user.user_id + "Serializing");
done(null, user.user_id);
});
passport.deserializeUser(function(user_id, done) {
models.User.findById(user_id).then(function(user){
done(null, user);
}).error(function(err){
done(err, null);
});
});
//Login Logic
passport.use('local-login', new LocalStrategy({
usernameField: 'email',
passwordField: 'password',
passReqToCallback: true
},
function(req, email, password, done){
models.User.findOne({ where: { email : email }}).then(function(user) {
if (!user) {
done(null, false, req.flash('loginMessage', 'Unknown User'));
} else if (!user.validPassword(password)) {
done(null, false, req.flash('loginMessage', 'Wrong password'));
} else {
done(null, user);
}
}).catch(function(e) {
done(null, false, req.flash('loginMessage', e.name + " " + e.message));
});
}));
//Sign up Logic
passport.use('local-signup', new LocalStrategy({
usernameField: 'email',
passwordField: 'password',
passReqToCallback: true
}, function(req, email, password, done){
models.User.findOne({ where: { email: email }}).then(function(existingUser){
if (existingUser)
return done(null, false, req.flash('loginMessage', 'That email is already taken.'));
if (req.user) {
var user = req.user;
user.email = email;
user.password = models.User.generateHash(password);
user.save().catch(function (err){
throw err;
}).then(function(){
done(null, user);
});
} else {
var newUser = User.build({
email: email,
password: models.User.generateHash(password)
});
newUser.save().then(function(){ done(null, newUser);
}).catch(function(err){
done(null, false, req.flash('loginMessage', err));
});
}
}).catch(function(e){
done(null, false, req.flash('loginMessage',e.name + " " + e.message));
})
}));
module.exports = passport;
So I am trying to add local authentication to my MEAN stack app.
Everything was running smoothly. Sign up works great. But I cannot log in as a user.
I am getting:
POST /login 302 3.979 ms - 58
on the console (via Morgan)
But there is certainly an error (express routes to the "failureRedirect" set via passport)
Could it be a problem reading from the db? Why would I be able to write to it then...
A test with chai reveals that the program cannot "find user by email" from the db via User Model
anyone have any clue why this is happening?
Here is my passport strategy code:
/config/passport.js
var LocalStrategy = require('passport-local').Strategy;
var User = require('../models/users');
module.exports = function(passport) {
// passport session setup ==================================================
passport.serializeUser(function(user, done) {
done(null, user.id);
});
passport.deserializeUser(function(id, done) {
User.findById(id, function(err, user) {
done(err, user);
});
});
// local login =============================================================
passport.use('local-login', new LocalStrategy({
usernameField : 'email',
passwordField : 'password',
passReqToCallback : true
},
function(req, email, password, done) {
User.findOne({ 'local.email' : email }, function(err, user) {
if (err)
return done(err);
if (!user)
return done(null, false, req.flash('loginMessage', 'No user found.'));
if (!user.validPassword(password))
return done(null, false, req.flash('loginMessage', 'Oops! Wrong password.'));
return done(null, user);
});
}));
// local sign up =============================================================
passport.use('local-signup', new LocalStrategy({
usernameField : 'email',
passwordField : 'password',
passReqToCallback : true
},
function(req, email, password, done) {
User.findOne({ 'local.email' : email }, function(err, user) {
if (err)
return done(err);
if (user) {
return done(null, false, req.flash('signupMessage', 'That email is already taken.'));
} else {
var newUser = new User();
newUser.local.email = email;
newUser.local.password = newUser.generateHash(password); // use the generateHash function in our user model
newUser.save(function(err) {
if (err)
throw err;
return done(null, newUser);
});
}
});
}));
};
Here's the routes:
// /login ======================================================================
app.route('/login')
.get(function(req, res) {
res.setHeader('Content-Type', 'text/html');
res.render('login.html');
})
.post(passport.authenticate('local-login', {
successRedirect : '/profile',
failureRedirect : '/'
}));
// /signup ======================================================================
app.route('/signup')
.get(function(req, res) {
res.setHeader('Content-Type', 'text/html');
res.render('signup.html');
})
.post(passport.authenticate('local-signup', {
successRedirect : '/profile',
failureRedirect : '/'
}));
Login Strategy
// passport/login.js
passport.use('login', new LocalStrategy({
passReqToCallback : true
},
function(req, username, password, done) {
// check in mongo if a user with username exists or not
User.findOne({ 'username' : username },
function(err, user) {
// In case of any error, return using the done method
if (err)
return done(err);
// Username does not exist, log error & redirect back
if (!user){
console.log('User Not Found with username '+username);
return done(null, false,
req.flash('message', 'User Not found.'));
}
// User exists but wrong password, log the error
if (!isValidPassword(user, password)){
console.log('Invalid Password');
return done(null, false,
req.flash('message', 'Invalid Password'));
}
// User and password both match, return user from
// done method which will be treated like success
return done(null, user);
}
);
}));
We now define our routes for the application in the following module which takes the instance of Passport created in app.js above. Save this module in
module.exports = function(passport){
/* GET login page. */
router.get('/', function(req, res) {
// Display the Login page with any flash message, if any
res.render('index', { message: req.flash('message') });
});
/* Handle Login POST */
router.post('/login', passport.authenticate('login', {
successRedirect: '/home',
failureRedirect: '/',
failureFlash : true
}));
/* GET Registration Page */
router.get('/signup', function(req, res){
res.render('register',{message: req.flash('message')});
});
/* Handle Registration POST */
router.post('/signup', passport.authenticate('signup', {
successRedirect: '/home',
failureRedirect: '/signup',
failureFlash : true
}));
return router;
}