Search code examples
javascriptnode.jsexpresspassport.jspassport-local

Passport-init.js authentication is not working in nodejs

I am new to nodejs and trying to develop nodejs demo application referring this article. I followed all steps and its first phase is working fine for me. But after adding passport authentication it is not working

here is my app.js

 var express = require('express');
var path = require('path');
var favicon = require('serve-favicon');
var logger = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var session = require('express-session');
var passport = require('passport');
//add for Mongo support
//var mongoose = require('mongoose');


var api = require('./routes/api');
var authenticate = require('./routes/authenticate')(passport);

//connect to Mongo
// mongoose.connect('mongodb://localhost:27017/MEAN_Stack');
// require('./models/models.js');

var app = express();

// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');

// uncomment after placing your favicon in /public
//app.use(favicon(path.join(__dirname, 'public', 'favicon.ico')));
app.use(logger('dev'));
app.use(session({
  secret: 'keyboard cat'
}));
//app.use(bodyParser.json());
//app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));
app.use(passport.initialize());
app.use(passport.session());


//// Initialize Passport
var initPassport = require('./passport-init');
initPassport(passport);

app.use('/api', api);
app.use('/auth', authenticate);

// catch 404 and forward to error handler
app.use(function(req, res, next) {
  var err = new Error('Not Found');
  err.status = 404;
  next(err);
});

// error handlers

// development error handler
// will print stacktrace
if (app.get('env') === 'development') {
  app.use(function(err, req, res, next) {
    res.status(err.status || 500);
    res.render('error', {
      message: err.message,
      error: err
    });
  });
}

// production error handler
// no stacktraces leaked to user
app.use(function(err, req, res, next) {
  res.status(err.status || 500);
  res.render('error', {
    message: err.message,
    error: {}
  });
});


module.exports = app;

here is my api.js

var express = require('express');
var router = express.Router();


//Register the authentication middleware
//router.use('/posts');

//api for all posts
router.route('/posts')

    //create a new post
    .post(function(req, res){

        //TODO create a new post in the database
        res.send({message:"TODO create a new post in the database rhushikesh"});
    })

    .get(function(req, res){

        //TODO get all the posts in the database
        res.send({message:"TODO get all the posts in the database"});
    })

//api for a specfic post
router.route('/posts/:id')

    //create
    .put(function(req,res){
        return res.send({message:'TODO modify an existing post by using param ' + req.param.id});
    })

    .get(function(req,res){
        return res.send({message:'TODO get an existing post by using param ' + req.param.id});
    })

    .delete(function(req,res){
        return res.send({message:'TODO delete an existing post by using param ' + req.param.id})
    });

module.exports = router;

here is my authenticate.js 

var express = require('express');
var router = express.Router();

module.exports = function(passport){

    //sends successful login state back to angular
    router.get('/success', function(req, res){
        res.send({state: 'success', user: req.user ? req.user : null});
    });

    //sends failure login state back to angular
    router.get('/failure', function(req, res){
        res.send({state: 'failure', user: null, message: "Invalid username or password1111"});
    });

    //log in
    router.post('/login', passport.authenticate('login', {
        successRedirect: '/auth/success',
        failureRedirect: '/auth/failure'
    }));

    //sign up
    router.post('/signup', passport.authenticate('signup', {
        successRedirect: '/auth/success',
        failureRedirect: '/auth/failure'
    }));

    //log out
    router.get('/signout', function(req, res) {
        req.logout();
        res.redirect('/');
    });

    return router;

}

here is my passport-init.js

var LocalStrategy   = require('passport-local').Strategy;
var bCrypt = require('bcrypt-nodejs');
//temporary data store
var users = {};
module.exports = function(passport){

    // Passport needs to be able to serialize and deserialize users to support persistent login sessions
    passport.serializeUser(function(user, done) {
        console.log('serializing user:',user.username);
        return done(null, user.username);
    });

    passport.deserializeUser(function(username, done) {

        return done('we have not implemented this', false);

    });

    passport.use('login', new LocalStrategy({
            passReqToCallback : true
        },
        function(req, username, password, done) { 

             if(!users[username]){
                console.log('User Not Found with username '+username);
                return done(null, false);
            }

            if(isValidPassword(users[username], password)){
                //sucessfully authenticated
                return done(null, users[username]);
            }
            else{
                console.log('Invalid password '+username);
                return done(null, false)
            }
        }
    ));

    passport.use('signup', new LocalStrategy({
            passReqToCallback : true // allows us to pass back the entire request to the callback
        },
        function(req, username, password, done) {

        //    if (users[username]){
        //         console.log('User already exists with username: ' + username);
        //         return done(null, false);
        //     }

            //store user in memory 
            users[username] = {
                username: username,
                password: createHash(password)
            }

            console.log(users[username].username + ' Registration successful');
            return done(null, users[username]);

        })
    );

    var isValidPassword = function(user, password){
        return bCrypt.compareSync(password, user.password);
    };
    // Generates hash using bCrypt
    var createHash = function(password){
        return bCrypt.hashSync(password, bCrypt.genSaltSync(10), null);
    };

};

When i try to hit the signup api from postman it always redirect to failure api. I also have tried with the debugger but i am not getting the controller over there.

enter image description here

enter image description here

Solution

  • just uncomment following line in app.js

    //app.use(bodyParser.json());
//app.use(bodyParser.urlencoded({ extended: false }));

    and update passport-init.js 

    passport.deserializeUser(function(username, done) {

        return done('we have not implemented this', false);

    });

    to 

    passport.deserializeUser(function(username, done) {

        return done(null, users[username]);

    });