Passport Authentication - Any?

Question

I am writing a nodejs application with passport.js-based authentication. It lets users message other users, where only authenticated users are allowed to retriever messages either sent by them or with them as the receiver. I am planning to implement multiple identity providers, such as facebook, google, and maybe local authentication as well.

The user schema i set up using mongoose looks like sort of like this:

var userSchema = new mongoose.Schema({
  googleId: String,
  facebookId: String,

  email: { type: String, required: true },
}, {
  strict: false
})

module.exports = mongoose.Model('User', userSchema)

Now the approach I had in mind was this:

• A user is presented a sign in page
• On this page they are presented a choice of identity providers
• They get redirected to authorization page, granting access to the requested scopes, getting redirected to my specified callback URL
• There is either already a user with the according ID or a new one is created.

Now when they try to receive the message, I want to authenticate them again in order to grant authorization to obtain the message. How they authenticate really does not matter, as long as it is any of the strategies I configured; there is however no such thing as app.get('/messages', passport.authenticate('any'), done), so how would I approach this?

Answer 1

One option is to pass the strategies you want as an array into passport.authenticate([Strategies]). The link below shows that nicely.

passport.js with multiple authentication providers?

Another example from the author of passport:

https://github.com/jaredhanson/passport-http/blob/master/examples/multi/app.js