Develop Reference

req.user undefined using Express & Node & Passport

I am currently creating a small user authentication app using Node + Express + Passport. When the user logs in, they are rerouted automatically to the index page "/" and a session should be established with passports authentication. For some reason when trying to console.log(req.user), it is returning "undefined".
The authentication with passport seems to be working properly with the post route
app.post("/login", passport.authenticate("local", {
successRedirect: "/home",
failureRedirect: "/login"
}), (req, res) => {
})
But the session is not being established with the user model. I'd like to eventually store the userId in the session. Here is a look at my current set up with user model and passport implementation on the server file.
const mongoose = require("mongoose");
const passportLocalMongoose = require('passport-local-mongoose');
const userSchema = mongoose.Schema({
username: String,
email: String,
password: String
});
userSchema.plugin(passportLocalMongoose);
const user = mongoose.model("User", userSchema);
module.exports = user;
-----------------------------------------------------------------------------------------
const express = require("express"),
mongoose = require("mongoose"),
bodyParser = require("body-parser"),
session = require("express-session"),
User = require("./models/user"),
passport = require('passport'),
LocalStragety = require('passport-local'),
app = express();
mongoose.connect("mongodb://localhost/shopping_cart_app", { useNewUrlParser: true })
.then(console.log("MongoDB Connected"))
.catch(err => console.log(err));
app.set("view engine", "ejs");
app.use(bodyParser.urlencoded({ extended: true }));
app.use(express.static(__dirname + '/views'));
app.use(session({
secret: "secret",
resave: false,
saveUninitialized: true,
cookie: { secure: true }
}));
app.use(passport.initialize());
app.use(passport.session());
passport.use(new LocalStragety(User.authenticate()));
passport.serializeUser(User.serializeUser());
passport.deserializeUser(User.deserializeUser());
app.post("/login", passport.authenticate("local", {
successRedirect: "/home",
failureRedirect: "/login"
}), (req, res) => {
})
I've tried looking into Passports config a bit more but on the documentation provided, it states that once passport.authenticate runs, a session with the user is established. Any tips would be greatly appreciate.
Thanks

I know this may seem simple, but have you tried req.body.user?
The req.body contains the data submitted by the user. The documentation suggest that you use a body parser to populate the information because it's undefined by default. However, instead of using the app object I use express router without parsing.
const express = require("express");
const router = express.Router();
router.post("/login", passport.authenticate("local", {
successRedirect: "/home",
failureRedirect: "/login"
}), (req, res) => {
console.log(req.body.user);
})
for more information: req.body

Try this one, In my project, it is working.
LocalStrategy
var passport = require('passport'),
LocalStrategy = require('passport-local').Strategy;
var mongoose = require('mongoose');
var admins = mongoose.model('admins');
var bCrypt = require('bcrypt-nodejs');
var flash = require('connect-flash');
var moment = require('moment');
// User
passport.serializeUser(function(user, done) {
done(null, user._id);
});
passport.deserializeUser(function(obj, done) {
console.log("deserializing " + obj);
done(null, obj);
});
passport.use('adminlogin',new LocalStrategy(
function(username, password, done) {
admins.findOne({ 'email' : username },
function(err, user) {
//console.log(username);
if (err)
return done(err);
if (!user){
//console.log('Username '+username+' does not Exist. Pleasr try again.');
return done(null, false, { message: 'Incorrect Username/Password. Please try again.' });
}
if (!isValidPasswordAdmin(user, password)){
//console.log('Invalid Password');
return done(null, false, { message: 'Incorrect Password. Please try again.' });
}
return done(null, user);
}
);
})
);
var isValidPassword = function(user, app_pin){
return bCrypt.compareSync(app_pin, user.app_pin);
}
var isValidPasswordAdmin = function(user, password){
return bCrypt.compareSync(password, user.password);
}
module.exports = passport;
Login Route
router.post('/login', function (req, res, next) {
admins.find({}, function (err, user) {
if (err) {
console.log('internal database error');
req.flash('error', 'Database Error');
res.redirect('/admins');
} else {
passport.authenticate('adminlogin', function (err, user, info) {
if (err) {
console.log(err);
req.flash('error', 'Database Error');
res.redirect('/admins');
} else if (!user) {
req.flash('error', info.message);
res.redirect('/admins');
} else {
req.logIn(user, function (err) {
if (err) {
req.flash('error', 'Database Error');
res.redirect('/admins');
} else {
res.redirect('/admins/home');
}
});
}
})(req, res, next);
}
});
});

Passport Not Authenticating Correctly

This is my first time doing user authentication and I think I'm nearly complete. I'm using Express with Passport.js and MongoDB/Mongoose. When I run my gulp file everything loads correctly but when I attempt to login with my credentials I'm constantly redirected to the failure page (home screen). Here's my code:
// Initialize
const bodyParser = require('body-parser')
const path = require('path')
const bcrypt = require('bcryptjs')
const express = require('express')
const session = require('express-session')
const cookieParser = require('cookie-parser')
const passport = require('passport'),
LocalStrategy = require('passport-local').Strategy
let userData = require('./models/user.js')
const app = express()
// Configuration
app.use(cookieParser())
app.use(session({ secret: 'ThisIsTheSessionSecret', resave: true, saveUninitialized: true }))
app.use(passport.initialize())
app.use(passport.session())
app.use(express.static(path.join(__dirname, '../../docs')))
app.use(express.static(path.join(__dirname, '../../src')))
app.set('port', process.env.PORT || 8080);
app.set('view engine', 'pug')
app.set('views', 'src/pages')
let urlencodedParser = bodyParser.urlencoded({ extended: false })
// Configure authentication and sessions
passport.use(new LocalStrategy(
function(username, password, done) {
user.findOne({ username: username }, function(err, user) {
if (err) { console.log(err) }
if (!user) {
return done(null, false, { message: 'Incorrect username.' })
}
if (!user.validPassword(password)) {
return done(null, false, { message: 'Incorrect password.' })
}
return done(null, user)
})
}
));
// Session
passport.serializeUser(function(user, done) {
done(null, user.id)
});
passport.deserializeUser(function(id, done) {
user.findById(id, function(err, user) {
done(err, user)
})
})
app.listen(app.get('port'))
console.log('Listening on port: ' + app.get('port'))
// Initialize database (local or remote?)
const MongoClient = require('mongodb').MongoClient,
mongoose = require('mongoose'),
assert = require('assert')
const database = 'mongodb://localhost:27017/database'
mongoose.connect(database)
let db = mongoose.connection
db.on('error', console.error.bind(console, 'connection error'))
db.once('open', function() {
// let testUser = new userData.UserModel({ username: 'PodcatchUser', password: 'RIPHarambe' })
// console.log(testUser.username)
})
// Routing
app.get('/', function(req, res) {
console.log('Welcome!')
res.render('index')
})
// Registration
app.post('/signup', urlencodedParser, function(req, res) {
let username = req.body.username,
password = req.body.password,
salt = bcrypt.genSaltSync(10),
hash = bcrypt.hashSync(password, salt)
let user = new userData.UserModel({
username: username,
password: hash
})
console.log(user.username)
console.log(user.password)
user.save(function(err) {
if (err) {
return console.log(err, user)
} else {
console.log('User has been saved to the database successfully')
}
})
res.end()
})
// Login
app.post('/login', passport.authenticate('local', { successRedirect: '/success',
failureRedirect: '/' }), function(req, res) {
res.end()
})
and the code in the userData module:
const mongoose = require('mongoose')
let UserSchema = mongoose.Schema({
username: String,
password: String
})
let UserModel = mongoose.model('UserModel', UserSchema)
module.exports.UserSchema = UserSchema
module.exports.UserModel = UserModel
I'm really confused as to what's happening. Mongo saves the credentials and hashed password to the database, I create a session and have a cookie parser but it doesn't authenticate. Help would be greatly appreciated :)

I can not authenticate the routes express with passport-facebook

Good afternoon people.
I'm having a few days ago trying to authenticate routes using express and passport-facebook but without success. And on the client I'm using VueJs.
If anyone can help me in this problem I will be very happy.
I'll post my code below:
express.js
'use strict';
let express = require('express');
let bodyParser = require('body-parser');
let cors = require('cors');
let cookieParser = require('cookie-parser');
let session = require('express-session');
let passport = require('passport');
let load = require('express-load');
module.exports = () => {
let app = express();
//configurar a porta em que o express irá rodar
app.set('port', 3000, "127.0.0.1");
//configura como os dados são transitados entres servidor e cliente
app.use(bodyParser.urlencoded({extended: true}));
app.use(bodyParser.json());
app.use(require('method-override')());
app.use('*', cors());
app.use(cookieParser());
app.use(session({
secret: 'ilovenodejs',
resave: true,
saveUninitialized: true
}));
app.use(passport.initialize());
app.use(passport.session());
load('models', {cwd: 'app'})
.then('controllers')
.then('routes')
.into(app);
return app;
}
file passport.js
'use strict';
var passport = require('passport');
var FacebookStrategy = require('passport-facebook').Strategy;
var mongoose = require('mongoose');
var configAuth = require('./auth');
module.exports = () => {
var Usuario = mongoose.model('Usuario');
passport.use(new FacebookStrategy({
clientID: configAuth.facebookAuth.clientID,
clientSecret: configAuth.facebookAuth.clientSecret,
callbackURL: configAuth.facebookAuth.callbackURL
},
function (accessToken, refreshToken, profile, done) {
//console.log('profile: ', profile);
process.nextTick(() => {
Usuario.findOne({'facebook.id': profile.id}, (err, usuario) => {
if (err) return done(err);
if (usuario) {
//console.log('user: ', user);
return done(null, usuario);
} else {
var usuario = new Usuario();
usuario.facebook.id = profile.id;
usuario.facebook.token = accessToken;
usuario.facebook.name = profile.displayName;
usuario.facebook.email = 'email';
usuario.save((err) => {
if (err) throw err;
return done(null, usuario);
});
}
});
});
}
));
passport.serializeUser(function(usuario, done){
console.log('serialize', usuario._id);
done(null, usuario._id);
});
passport.deserializeUser(function(id, done){
console.log('deserialize', id);
Usuario.findById(id).exec()
.then(function(usuario){
console.log('deserialize', usuario);
done(null, usuario);
});
});
}
route passport:
'use strict';
//let cors = require('cors');
let passport = require('passport');
module.exports = (app) => {
let controller = app.controllers.usuarios;
let Usuario = app.models.usuario;
let temp = '';
let objetoUsuario = {}
//app.use(cors());
app.route('/api/usuarios')
.get(controller.listaUsuarios)
.post(controller.salvaUsuario);
app.get('/auth/facebook', passport.authenticate('facebook'),
function (req, res) { });
app.get('/auth/facebook/callback',
passport.authenticate('facebook', { failureRedirect: '/' }),
function (req, res) {
temp = req.session.passport;
console.log(req.session.passport);
req.session.save(() => {
req.user = req.session.passport
res.redirect('http://localhost:8080/#!/home');
});
});
app.get('/v1/success', (req, res) => {
Usuario.findById(temp.user).exec()
.then((usuario) => {
if (!usuario) throw new error('Usuario não encontrado');
res.json(usuario);
req.session.passport.user = usuario
}, (err) => {
res.status(404).json(err);
});
//console.log(req.session.passport);
});
app.get('/logout', (req, res) => {
req.logout();
res.redirect('http://localhost:8080/#!/home');
});
}
This part of passport routes'm doing redirect to my vuejs client.
Part authentication routes:
'use strict';
function verificaAutenticacao(req, res, next){
console.log(req.user);
console.log(req.session);
if(req.isAuthenticated()){
return next();
}else{
res.status('401').json('não autorizado');
}
};
module.exports = (app) => {
let controller = app.controllers.viagens;
app.route('/api/viagens')
.post(verificaAutenticacao, controller.salvaViagem);
}
Log passeport console. The passeport session is empty do not know why.
Session {
cookie:
{ path: '/',
_expires: null,
originalMaxAge: null,
httpOnly: true },
passport: {} }
I know I'm doing something wrong but do not know where this my mistake.
User authentication is done normally and if I do a console.log (req.session.passport) there is the id of the user in the session, but when I go to authenticate the session.passport this empty and now I do not know what do.
If anyone can help me.
Thank you.

integrating authentication to my app using Auth0 and node.js

i'm developing application on cloud9 enviroment. using:
node 4.43
express 4.13.4
i have integrated my Demo Auth0 account into my on-dev application.
i am able to login (being redirected to the first page of my app), but when i'm printing req.isAuthenticated() i'm getting false. also req.user is undefined.
i have followed the quick start of auth0 for node.js.
i'm attaching the three files that are mainly invovled:
app.js:
var express = require('express'),
app = express(),
BodyParser = require("body-parser"),
mongoose = require("mongoose"),
student = require ("./models/student"),
students_class = require("./models/class"),
// =============
// auth0
// =============
passport = require('passport'),
strategy = require('./models/setup-passport'),
cookieParser = require('cookie-parser'),
session = require('express-session');
app.use(cookieParser());
app.use(session({ secret: 'FpvAOOuCcSBLL3AlGxwpNh5x-U46YCRoyBKWJhTPnee2UELMd_gjdbKcbhpIHZoA', resave: false, saveUninitialized: false }));
app.use(passport.initialize());
app.use(passport.session());
app.get('/login',passport.authenticate('auth0', { failureRedirect: '/url-if-something-fails' }),
function(req, res) {
res.send(req.user);
if (!req.user) {
throw new Error('user null');
}
res.redirect("/", {username: req.user});
});
mongoose.connect("mongodb://localhost/myapp");
// ============================
// routes
// ============================
var classRoutes = require("./routes/class"),
indexRoutes = require("./routes/index"),
studentRoutes = require("./routes/student"),
assocRroutes = require ("./routes/assoc");
// ============================================
// configuring the app
// ============================================
app.set("view engine", "ejs");
app.use(express.static ("public"));
app.use(BodyParser.urlencoded({extended: true}));
app.use(classRoutes);
app.use (indexRoutes);
app.use(studentRoutes);
app.use(assocRroutes);
app.listen(process.env.PORT, process.env.IP, function() {
console.log('Attendance Server is Running ....');
});
setup-passport.js
var passport = require('passport');
var Auth0Strategy = require('passport-auth0');
var strategy = new Auth0Strategy({
domain: 'me.auth0.com',
clientID: 'my-client-id',
clientSecret: 'FpvAOOuCcSBLL3AlGxwpNh5x-U46YCRoyBKWJhTPnee2UELMd_gjdbKcbhpIHZoA',
callbackURL: '/callback'
}, function(accessToken, refreshToken, extraParams, profile, done) {
// accessToken is the token to call Auth0 API (not needed in the most cases)
// extraParams.id_token has the JSON Web Token
// profile has all the information from the user
return done(null, profile);
});
passport.use(strategy);
// This is not a best practice, but we want to keep things simple for now
passport.serializeUser(function(user, done) {
done(null, user);
});
passport.deserializeUser(function(user, done) {
done(null, user);
});
module.exports = strategy;
index.js (the actual fisrt page where i want to re-direct after successful login:
var express = require("express");
var passport = require('passport');
var ensureLoggedIn = require('connect-ensure-login').ensureLoggedIn();
var router = express.Router();
var student = require ("../models/student");
//INDEX
router.get("/callback", function(req, res) {
student.find({}, function(err, student) {
console.log(req.isAuthenticated())
if (err) {
console.log(err);
} else {
res.render("home/index.ejs", {
students: student
});
}
});
});
module.exports = router;
any suggestion what could go wrong?
also wierd for me that on app.js, the guide is initializing the variable strategy but actually never seem to use it.
BUMP

You are not calling passport.authenticate() in the /callback endpoint. See for comparison: https://auth0.com/docs/quickstart/webapp/nodejs#5-add-auth0-callback-handler
// Auth0 callback handler
app.get('/callback',
passport.authenticate('auth0', { failureRedirect: '/url-if-something-fails' }),
function(req, res) {
if (!req.user) {
throw new Error('user null');
}
res.redirect("/user");
});

How get passport var on routes with express load

I'm trying to use passport local strategy in my app but the passport variable is undefined on the index.js route. Below is my codes from app.js, passport.js and my index.js route.
Here is my app.js:
var express = require("express");
var path = require('path');
var load = require("express-load");
var bodyParser = require("body-parser");
var cookieParser = require("cookie-parser");
var expressSession = require("express-session");
var methodOverride = require('method-override');
var passport = require('passport');
var error = require('./middlewares/error');
var app = express();
var server = require('http').Server(app);
global.mongoose = require('mongoose');
mongoose.connect('mongodb://localhost:27017/test');
require('./config/passport')(passport);
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');
app.use(cookieParser('talkieparty'));
app.use(expressSession({
resave: false,
saveUninitialized: false,
secret: "149194"
}));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({extended: true}));
app.use(methodOverride('_method'));
app.use(passport.initialize());
app.use(passport.session());
app.use(express.static(path.join(__dirname, 'public')));
load('models').then('controllers').then('routes').into(app, passport);
app.use(error.notFound);
app.use(error.serverError);
var User = app.models.user;
var moment = require('moment');
process.on('message', function(data) {//Executa um função ordenada pelo master.
console.log(process.pid + " executar: " + JSON.stringify(data));
var action = data.action;
switch(action) {
case "confirmation-email-sended":
var email = data.data.email;
User.findOne({email: email}, function(error, user) {
if(error) {
console.log(error);
}else {
if(!user) {
return console.log("No user was found with e-mail like " + email);
}
user.register.notified = true;
user.register.notified_date = new Date(moment().format());
user.save(function(error, user) {
if(error) {
console.log(error);
}else {
console.log("User " + user.email + " received the confirmation e-mail successfully!");
}
});
}
});
break;
default:
console.log("No action was found for " + action);
break;
};
});
server.listen(80, function() {
console.log("Listening!");
});
Here is my passport.js:
var LocalStrategy = require('passport-local').Strategy;
var User = require('../models/user');
module.exports = function(passport) {
passport.serializeUser(function(user, done) {
done(null, user.id);
});
passport.deserializeUser(function(id, done) {
User.findById(id, function(err, user) {
done(err, user);
});
});
passport.use('local-login', new LocalStrategy({
usernameField: 'email',
passwordField: 'password',
passReqToCallback: true
}, function(req, email, password, done){
User.findOne({'email': email}, function(err, user) {
if(err) return done(err);
if(!user) return done(null, false, null);
if(!user.comparePasswordHashes(data.pass, user.register.password)) return done(null, false, null);
return done(null);
})
}));
}
And here is my index.js route where i'm getting the passport undefined:
module.exports = function(app, passport) {
var indexController = app.controllers.index;
app.get('/', indexController.index);
app.post('/login', indexController.login);
app.post('/register', indexController.register);
app.post('/passport', passport.authenticate('local-login', {
successRedirect: '/logado',
failureRedirect: '/falhou',
failureFlash: false
}));
};