I found that done() method (or success(), as told by my debugger) has a third argument as well which is called info. Can anybody tell me what happens to value passed into it?
EDIT
The done() method I am referring to is the one we have to call in a strategy callback. e.g.
var passport = require('passport')
, LocalStrategy = require('passport-local').Strategy;
passport.use(new LocalStrategy(
function(username, password, done) {
User.findOne({ username: username }, function (err, user) {
if (err) { return done(err); }
if (!user) {
return done(null, false, { message: 'Incorrect username.' });
}
if (!user.validPassword(password)) {
return done(null, false, { message: 'Incorrect password.' });
}
return done(null, user);
});
}
));
The snippet is from here. As it can be seen, in some cases, a message is being passed in an object as third argument to done(). How can we access this message in a route method?
You should be able to access the information passed as the third parameter as req.authInfo.
You can see the processing here as info, where it is assigned to authInfo and used for flash messages.
info is an optional argument that can contain additional user information, such as roles, user profile, or authorization, that may have been determined during the verification function.
This helps with third-party authentication strategies, as these details about an authenticated user can be passed along once the user is successfully authenticated. Otherwise, you might have to look them up a second time later one, which is inefficient.
And as loganfsmyth pointed out, info is set at req.authInfo so that middlware or routes can access it later on.
Additionally, you can transform the info object futher by registering the transformAuthInfo, like this:
passport.transformAuthInfo(function(info, done) {
Client.findById(info.clientID, function (err, client) {
info.client = client;
done(err, info);
});
});
For LocalStrategy, you can see in the verified function that info gets passed to both fail and success actions.
So additionally, you can specify a type and a message properties and these will be used in flash status information messages displayed to the user. (type defaults to 'success' when user is authenticated, and 'error' otherwise).
Flash messages work in Express 2.x via the request.flash() function. This was removed in Express 3.x - connect-flash middleware is recommended if you need this functionality.