Reputation: 237
req.session.passport.user is undefined
I can not find the error, my method does not serialize the user. Within passport.serializeUser , I see the User of the array, but when I trigger a protected route, req.isAuthenticated , always returns me false
My passport file:
passport.serializeUser(function(user, done){
console.log('OK')//is show in console
done(null, user);
});
passport.deserializeUser(function(id, done){
User.findById(id, function(err, user){
done(err, user)
});
});
passport.use('login', new LocalStrategy({
usernameField : 'username',
passwordField : 'password',
passReqToCallback: true
},
function(req, username, password, done){
process.nextTick(function(){
User.findOne({'username' : username}, function(err, user){
if(err){
return done(err);
}
if(!user){
return done(null, false);
}
if(!user.validPassword(password)){
return done(null, false);
}
return done(null, user);
});
});
}
))
My login route:
app.post('/api/login', function(req, res, next){
passport.authenticate('login', function(err, user){
if(err){
res.json({sucesso: false, mensagem: 'Erro ao logar', erro: err});
}
else{
req.logIn(user, function(err) {
if(err){
console.log('ERRO ' + err);
}
else{
var token = jwt.encode(user, 'JwTaUtHaNGULAR');
return res.send({sucesso: true, token: 'JWT ' + token, mensagem: 'Autenticação OK'});
}
});
}
})(req, res, next);
});
Here is my protected route:
app.get('/api/dashboard/users', isLogged ,function(req, res){
Usuario.find({'_id': {$ne: id_user}}, function(err, usuario){
res.json({sucesso: true, user: usuario});
});
});
My function that checks whether the user is authenticated:
function isLogged(req, res, next){
if(req.isAuthenticated()){
return next();
}
else{
console.log('ERRO');
}
}
Here is my server.js:
var express = require('express');
var app = express();
var mongoose = require('mongoose');
var passport = require('passport');
var flash = require('connect-flash');
var morgan = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var session = require('express-session');
var config = require('./config/database');
var methodOverride = require('method-override')
mongoose.connect(config.database, function(err, db){
if(!err){
console.log('Conectado');
}
});
var server = require('http').Server(app);
var io = require('socket.io')(server);
var cors = require('cors');
require('./config/passport')(passport);
app.use(morgan('dev'));
app.use(cookieParser('secret'));
app.use(bodyParser.urlencoded({extended: true}));
app.use(bodyParser.json());
app.use(session({ secret: 'SecretSession', resave: false, saveUninitialized: true }));
app.use(passport.initialize());
app.use(passport.session());
app.use(methodOverride());
app.use(express.static(__dirname + '/public'))
app.use(cors());
require('./app/routes')(app, passport);
server.listen(3030, function(){
console.log('Rodando ');
});
What is wrong?
Upvotes: 1
Views: 4368
Answers (1)
Reputation: 728
You are deserializing users by their ID but serialize them by using the whole user object. Try changing passport.serializeUser to
passport.serializeUser(function(user, done){
console.log('OK')//is show in console
done(null, user.id);
});
so you are also serializing users by their ID. Additionally it looks like you are using two different mongoose models User and Usuario for users is this intended?
Update: I took another look at your code and agree with the above commentator. You are mixing up session-based authentication and token-based authentication. You reply with a JWT in passport.authenticate but do not use it later in isLogged to verify the authentication (like you would normally do in a token-based approach).
So the solution in my opinion is to remove JWTs. Using session cookies and a token does not make much sense in your case (if you disagree please leave a comment why you are using JWTs). So apply the above serializeUser fix and simply use the default passport.authenticate('local') callback and your code should work as expected.
Upvotes: 1
Related Questions
- Passport JS req.user is undefined
- req.user undefined despite successful signup with Passport and Express Session on NodeJS
- Node + Express + Passport: req.user Undefined
- passport.js req.user is undefined
- Passport + NodeJs + Express getting "req.user" undefined
- Passport Session showing undefined req.user
- Passport + Express V4 req.user undefined
- Passport.js - req.session.passport.user is not showing up
- req.session.passport is empty: req.user undefined
- passport js req.user not available after req.login