I tried to require Passport authentication on a REST URL.
// Route guard: lets the request continue when req.isAuthenticated() is truthy,
// otherwise redirects to '/'.
// NOTE(review): as posted, the declaration line appears twice and the second
// copy has no opening brace, so this snippet does not parse as written.
var isAuthenticated = function (req, res, next) {
var isAuthenticated = function (req, res, next)
if (req.isAuthenticated())
return next();
res.redirect('/');
};
But when I try to GET:
router.get('/edit_grm_user/:user_id',isAuthenticated, function(req, res,next){[...]}
I got this error:
if (req.isAuthenticated())
^
TypeError: Cannot read property 'isAuthenticated' of null
When I request a URL without any params in it, there is no error, e.g.:
router.post('/create_grem_user',isAuthenticated, function(req, res, next){[...]}
Does anyone have a solution for this?
I wonder why you are defining isAuthenticated twice:
var isAuthenticated = function (req, res, next) {
var isAuthenticated = function (req, res, next)
Anyways I have created an example mimicking your context:
// Express server
var express = require('express');
var app = express();
// Passport
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
// Middlewares
var flash = require('connect-flash');
var bodyParser = require('body-parser');
var cookieParser = require('cookie-parser');
var methodOverride = require('method-override');
var session = require('express-session');
// Demo-only in-memory user store. The password is kept in plaintext purely to
// keep the example short; a real application stores a salted password hash and
// never the password itself.
// findUserById resolves an id as a position (id - 1), so ids must stay
// sequential starting at 1.
var users = [
  { id: 1, username: 'wilson', password: 'secret', email: '[email protected]' }
];
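/**
 * Look up a user in the in-memory `users` array by numeric id.
 *
 * Ids are treated as 1-based positions in the array (id 1 -> users[0]).
 *
 * @param {number} id - User id to look up.
 * @param {function(?Error, Object=)} cb - Node-style callback, called as
 *   `cb(null, user)` when the user exists and `cb(err)` when it does not.
 */
function findUserById(id, cb) {
  var user = users[id - 1];
  if (!user) {
    // The original called an undefined `fn` here, so a session holding an id
    // that no longer exists crashed with a ReferenceError instead of reporting
    // the missing user through the callback.
    cb(new Error('User ' + id + ' does not exist.'));
    return;
  }
  cb(null, user);
}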
/**
 * Look up a user in the in-memory `users` array by exact username.
 *
 * @param {string} username - Username to match (strict equality).
 * @param {function(?Error, ?Object)} cb - Called as `cb(null, user)` with the
 *   first matching user, or `cb(null, null)` when nobody matches.
 * @returns {*} Whatever `cb` returns.
 */
function findUserByUsername(username, cb) {
  var matches = users.filter(function (candidate) {
    return candidate.username === username;
  });
  // Only the first match is reported; "no match" is null, not an error.
  var firstMatch = matches.length > 0 ? matches[0] : null;
  return cb(null, firstMatch);
}
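/**
 * Express middleware that only lets authenticated requests through.
 *
 * Relies on `req.isAuthenticated()`, so it must be mounted after the Passport
 * middleware that adds that method to the request.
 *
 * @param {Object} req - Express request.
 * @param {Object} res - Express response (unused).
 * @param {function(Error=)} next - Called with no argument when the request is
 *   authenticated, otherwise with an Error whose `status` is 401.
 */
function isAuthenticated(req, res, next) {
  if (req.isAuthenticated()) {
    return next();
  }
  var err = new Error('You are not authenticated!.\n');
  // Without a status the error handler answers 500, which reports a client
  // authentication failure as a server fault; 401 is the accurate code and is
  // what clients and monitoring should see for rejected requests.
  err.status = 401;
  next(err);
}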
// Session persistence: only the user's id is written into the session, so no
// password or profile data is stored there.
passport.serializeUser(function (user, done) {
  var sessionKey = user.id;
  done(null, sessionKey);
});

// Reverse step: turn the id stored in the session back into a user record.
// findUserById reports an unknown id as an error through `done`.
passport.deserializeUser(function (storedId, done) {
  findUserById(storedId, done);
});
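// Username/password verification for the 'local' strategy.
passport.use(new LocalStrategy(function (username, password, done) {
  // One message for both failure modes, so the failure info cannot be used to
  // tell whether a username exists, and the submitted username is not echoed
  // back into a message that might later be rendered.
  var failure = { message: 'Invalid username or password.' };

  process.nextTick(function () {
    findUserByUsername(username, function (err, user) {
      if (err) {
        return done(err);
      }
      // NOTE(review): plaintext comparison only fits the demo user store.
      // Real code verifies the password against a stored salted hash with the
      // hashing library's own verify function.
      if (!user || user.password !== password) {
        return done(null, false, failure);
      }
      return done(null, user);
    });
  });
}));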
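// Middleware order matters: body/cookie parsing first, then the session, then
// Passport, which reads the login state from the session.
app.use(cookieParser());
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({extended: true}));
app.use(methodOverride());

// The session secret signs the session cookie, so it must not live in source
// control. Read it from the environment; the hard-coded value is kept only so
// the example still runs as pasted.
var sessionSecret = process.env.SESSION_SECRET;
if (!sessionSecret) {
  console.warn('SESSION_SECRET is not set; falling back to the demo secret.');
  sessionSecret = 'mysecret';
}

// NOTE(review): no `cookie` options are given, so express-session defaults
// apply. When the app is served over HTTPS, set `cookie: { secure: true }`.
// The routes below authenticate by session cookie and show no CSRF
// protection; add it before exposing state-changing routes.
app.use(session({
  secret: sessionSecret,
  resave: false,
  saveUninitialized: true
}));
app.use(flash());
app.use(passport.initialize());
app.use(passport.session());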
// Login endpoint. passport.authenticate('local') runs the strategy against the
// posted username/password; the final handler is reached only once the
// credentials have been accepted.
// NOTE(review): whether the session id is regenerated at login depends on the
// Passport version in use; confirm it, because keeping a pre-login session id
// allows session fixation.
app.post('/auth', passport.authenticate('local', {}), function (req, res, next) {
  res.send('You just authenticated!\n');
});
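// Protected GET route that echoes its URL parameter back to the caller.
app.get('/get-route/:something', isAuthenticated, function (req, res, next) {
  var something = req.params.something;
  // res.send() with a string defaults to Content-Type text/html, which would
  // let markup in the URL parameter be interpreted by a browser (reflected
  // XSS). The value is only echoed, so answer as plain text.
  res.type('text/plain');
  res.send('hello from get-route here is your param: ' + something + '\n');
});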
// Protected POST route: isAuthenticated runs first, so the handler is reached
// only for authenticated requests.
app.post('/post-route', isAuthenticated, function (req, res, next) {
  var greeting = 'hello from post-route\n';
  res.send(greeting);
});
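// Error handler (four-argument signature): answers with the error's status,
// or 500 when it has none, and the error message as the body.
app.use(function (err, req, res, next) {
  // Error messages can contain request-derived text, so send them as plain
  // text instead of res.send()'s default text/html.
  // NOTE(review): for 500s this still exposes internal error messages to the
  // client; consider logging them and returning a generic body instead.
  res.status(err.status || 500).type('text/plain').send(err.message);
});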
// Start the HTTP server on port 4040 and log once it is listening.
app.listen(4040, function onListening() {
  console.log('server up and running');
});
Here, /get-route/:something and /post-route can be consumed only by authenticated users.
So if you try to consume /get-route/:something without authenticating yourself, you will see a message that says: You are not authenticated!
First you need to consume /auth, passing a username and password. For this example there is already a user stored (username: wilson, password: secret), so after you authenticate with these credentials you will be able to consume the protected routes.
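NOTE: you need to have the following libraries installed (these are the versions this example was written against; check for current releases before using them in a real project):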
"dependencies": {
"body-parser": "^1.13.2",
"cookie-parser": "^1.3.5",
"express": "^4.13.1",
"connect-flash": "^0.1.1",
"express-session": "^1.11.3",
"method-override": "^2.3.3",
"passport": "^0.2.2",
"passport-local": "^1.0.0"
}