diegoaguilar

How to distinguish an authenticated user at client side with Passport and node.js?

I use Passport.js with MongoStore for authentication, and Express as the web framework. Once a user has logged in, they can access content at a certain route.

I'd like to offer different content depending on which user has authenticated. Let's say each document in the Mongo members collection has a category or privileges attribute, and based on it I'll decide what to display to that user.

I'll be using AngularJS for binding and rendering HTML.

This is my route handling:

// Landing page: a visitor who already has an authenticated session is sent on
// to /admin; everyone else is served the public index page.
app.get('/', function (req, res) {
    if (!req.isAuthenticated()) {
        res.sendfile("public/index.html");
        return;
    }
    res.redirect('/admin');
});


// Admin page, served only to requests that carry an authenticated session;
// anyone else is bounced back to the landing page.
// NOTE(review): isAuthenticated() only says that *someone* is logged in, not
// which category or privileges they hold. Per-role content has to be gated on
// the server (for example from req.user), because everything shipped in
// admin.html is readable by every logged-in member regardless of what the
// client-side code chooses to display.
app.get('/admin', function (req, res) {
    if (!req.isAuthenticated()) {
        res.redirect('/');
        return;
    }
    res.sendfile("views/admin.html");
});

// Login form target: the credential check is delegated to the 'local'
// strategy. A successful login lands on /admin, a failed one goes back to the
// landing page.
// NOTE(review): nothing visible here limits repeated failed attempts; confirm
// that throttling or lockout is applied somewhere in front of this route.
app.post(
  '/login',
  passport.authenticate('local', { successRedirect: '/admin', failureRedirect: '/' })
);

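// Log out by destroying the server-side session, then return to the landing
// page.
// NOTE(review): this is a state-changing GET, so any page the user visits can
// trigger it with a plain link or image request (cross-site logout). Prefer a
// POST protected by a CSRF token if the client can be changed.
app.get('/logout', function (request, response, next) {
  request.session.destroy(function (err) {
    if (err) {
      // The session may still be valid in the store, so surface the failure
      // instead of redirecting as if the logout had succeeded.
      return next(err);
    }
    response.redirect('/');
  });
});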

// Fallback for every GET path not matched by an earlier route: send the
// visitor to the landing page.
app.get('*', function (req, res) {
    res.redirect('/');
});

And this is my Passport.js code:

mongoose.connect('mongodb://localhost/integraDB');

var Schema = mongoose.Schema;

// Shape of a document in the `members` collection.
// NOTE(review): `password` is a plain String and the login check compares it
// directly with the submitted value, so credentials appear to be stored in
// clear text. Store a salted password hash instead.
var userCredential = new Schema(
    { username: String, password: String },
    { collection: 'members' }
);

// Model used to look members up at login.
var userCredentials = mongoose.model('members', userCredential);



// Sessions are persisted in MongoDB through the existing mongoose connection;
// the session cookie lives for two hours (maxAge is in milliseconds).
// NOTE(review): no `secret` is passed here. Confirm that the session
// middleware receives its cookie-signing secret elsewhere, and that it is
// loaded from configuration rather than hard-coded.
// NOTE(review): `clear_interval` looks like a store option. Confirm it is
// honoured at this level and was not meant for the MongoStore constructor.
// NOTE(review): the cookie options set no `secure` flag. Confirm the site is
// served over HTTPS and enable it there.
app.use(
    session({
        clear_interval: 900,
        cookie: { maxAge: 2 * 60 * 60 * 1000 },
        store: new MongoStore({ db: mongoose.connection.db })
    })
);


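// Keep only the member's id in the session. Serializing the whole document
// would copy every field, including `password`, into the session store.
passport.serializeUser(function (user, done) {
  done(null, user.id);
});

// Rebuild req.user from the stored id on every request, leaving the password
// field out of the loaded document. Loading fresh also means a change to a
// member's category or privileges takes effect on the next request instead of
// staying frozen in the session.
passport.deserializeUser(function (stored, done) {
  // Sessions written before this change hold the full user object, so accept
  // that shape too and pull the id out of it.
  var memberId = (stored && stored._id) ? stored._id : stored;

  userCredentials.findById(memberId, '-password', function (err, user) {
    if (err) {
      return done(err);
    }
    // A member deleted since login resolves to null; `false` tells Passport to
    // treat the session as unauthenticated.
    done(null, user || false);
  });
});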

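// Local (username + password) strategy: look the member up by username and
// accept the login only when the submitted password matches the stored one.
// The lookup callback is already asynchronous, so no process.nextTick wrapper
// is needed.
passport.use(new LocalStrategy(function (username, password, done) {
  // Body parsers can deliver objects or arrays instead of strings. Only plain
  // strings may reach the database query and the comparison below.
  if (typeof username !== 'string' || typeof password !== 'string') {
    return done(null, false);
  }

  userCredentials.findOne({ username: username }, function (err, user) {
    if (err) {
      return done(err);
    }

    // An unknown user and a wrong password produce the same result, so the
    // outcome does not reveal which usernames exist.
    // NOTE(review): the stored password is compared as clear text. Store a
    // salted hash (bcrypt, scrypt or argon2) and verify against it with the
    // hashing library's own comparison function.
    if (!user || user.password !== password) {
      return done(null, false);
    }

    return done(null, user);
  });
}));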

How can I achieve this?


Answers (1)

SomeKittens

There's no magic wand you can wave to achieve this. Passport stores the result of deserializeUser on req.user (you are using sessions, right?).

If we want to do something different based on user roles, we have two options. Both make the decision on the server from req.user rather than trusting anything the client sends. One is to render a different view:

// Render the home view that matches the caller's role: 'anon' when there is
// no logged-in user, 'basic' or 'advanced' for those roles, and a 500 for any
// other role value.
// The role is read from req.user on the server, so the choice of view cannot
// be altered by the client. Routes reachable from these views still need
// their own role check.
exports.home = function(req, res) {
  if (!req.user) {
    return res.render('anon');
  }

  switch (req.user.role) {
    case 'basic':
      return res.render('basic');
    case 'advanced':
      return res.render('advanced');
    default:
      return res.send(500);
  }
};

The other is to pass req.user.role to whatever rendering engine you're using (I'll use ejs here):

// Render the single 'home' view and hand it the caller's role, using 'anon'
// when nobody is logged in. The role comes from req.user on the server, never
// from request parameters.
exports.home = function(req, res) {
  var viewData = { role: 'anon' };
  if (req.user) {
    viewData.role = req.user.role;
  }
  res.render('home', viewData);
};

And then in home.ejs:

<%# Picks which menu markup is rendered from the `role` value passed to the view; any other role renders no menu. NOTE(review): this only controls what is displayed, so the routes behind each menu still need their own server-side role check. %>
<% if (role === 'basic') { %>
  <!-- basic menu -->
<% } else if (role === 'advanced') { %>
  <!-- advanced menu -->
<% } %>
