express-session vs passport.js?

Question

I am currently implementing email-password login functionality for a website using just express-session. Everywhere I look I see people using passport.js to authenticate requests. The below code is working for me.

app.post("/signup", function(req, res) {
    var user = new userModel(req.body);
    user.save();
    req.session.userid = user.id; // I use this id to authenticate
}

Do I have any reason to use passport?

Answer 1

In NodeJS, you can authenticate in 2 ways:

1. Session-Based authentication

2. Token-Based authentication

Passport is a token-based authentication system. It uses JSON web token i.e jwt.

In your case, as you are using session-based authentication you need not use passport