As title states, when I authenticate with, for example, my local strategy it goes fine and response after authentication middleware in GET request shows that there IS a req.user and req.session.passport, both populated.
Here's my local strategy and serialize, deserialize:
// Decides what is written into the session for a logged-in user: the _id
// plus a snapshot of a few display fields. The same object later arrives as
// `data` in deserializeUser.
// NOTE(review): `opts` is copied as-is and its contents are not visible here.
// The /reg route sends this object back to the client, so confirm that it
// holds nothing sensitive.
passport.serializeUser(function serializeSessionUser(user, done) {
  console.log('PASSPORT: serialize');

  var preferred = user.preferred;
  var sessionPayload = {
    _id: user._id,
    name: preferred.name,
    picurl: preferred.picurl,
    acclink: preferred.acclink,
    registered: true,
    opts: user.opts
  };

  done(null, sessionPayload);
});
// Rebuilds req.user from the value stored in the session by looking the
// account up again with the _id that serializeUser saved.
// NOTE(review): `user` is forwarded unchanged, so a lookup that finds nothing
// hands a falsy user to done(). Presumably Passport then treats the request
// as unauthenticated; inspect err/user here when req.user is unexpectedly
// missing on later requests.
passport.deserializeUser(function deserializeSessionUser(data, done) {
  console.log('PASSPORT: deserialize (finding by id)');
  // Debug output: prints the whole session payload to the server log.
  console.log(data);

  var userId = data._id;
  RegisteredUser.findById(userId, function onUserLoaded(err, user) {
    done(err, user);
  });
});
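// 'local-reg' strategy: registers a new local account, or attaches local
// credentials to the account that is already logged in (req.user).
// passReqToCallback makes the request the first argument of the verify
// callback, which is how req.user and req.body.email are reachable here.
passport.use('local-reg', new LocalStrategy({
  passReqToCallback: true
},
  function (req, username, password, done) {
    process.nextTick(function () {
      // The app also parses JSON bodies, so the submitted fields are not
      // guaranteed to be strings. Reject anything else before it is used as
      // a query value, so an object can never be read as a query operator.
      if (typeof username !== 'string' || typeof password !== 'string') {
        return done(null, false, { message: 'Invalid username or password' });
      }

      RegisteredUser.findOne({ 'local.username': username }, function (err, user) {
        if (err) {
          return done(err);
        }
        if (user) {
          return done(null, false, { message: 'That Username is already taken' });
        }

        // Declared once at function scope instead of relying on `var`
        // hoisting out of one branch.
        var regUser;
        if (!req.user) {
          regUser = new RegisteredUser();
          UpdateCurrentUser(username, '', '', req);
        } else {
          // NOTE(review): the logged-in account's local.username and
          // local.password are overwritten below without checking whether
          // local credentials already exist. Confirm that this is intended.
          console.log('PASSPORT: registering new and binding to current');
          regUser = req.user;
        }

        regUser.local.username = username;
        // generateHash is a method on the model; its implementation is not
        // shown here.
        regUser.local.password = regUser.generateHash(password);

        // A non-string email is treated the same as a missing one.
        var email = req.body.email;
        if (typeof email === 'string' && email) {
          regUser.local.email = email;
          regUser.local.picurl = gravatar.url(email, { s: 200, r: 'pg' });
        } else {
          regUser.local.email = 'Smartass';
          regUser.local.picurl = '';
        }

        regUser.preferred.name = username;
        regUser.preferred.picurl = regUser.local.picurl;
        regUser.preferred.acclink = '';

        regUser.save(function (saveErr) {
          done(saveErr, regUser);
        });
      });
    });
  }));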
And here are the passport declarations and the route:
var express = require('express');
var crypto = require('crypto')
var favicon = require('serve-favicon');
var errorhandler = require('errorhandler');
var session = require('express-session');
var morgan = require('morgan');
var bodyParser = require('body-parser');
var passport = require('passport');
var http = require('http')
var MonC = require('./MongooseConfig.js')
var RegisteredUser = MonC.RegisteredUser
, UserMeta = MonC.UserMeta
, Mainchat = MonC.Mainchat
, Room = MonC.Room
, VideoMeta = MonC.VideoMeta
, Kitten = MonC.Kitten
, db = MonC.db
require('./Passportconf')(passport, MonC);
var Vlib = require('./VimeoAPIconfig.js');
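// Application bootstrap: HTTP server, socket.io, peer server, request
// parsing, Mongo-backed sessions, then Passport on top of the session.
var app = express();
var server = http.createServer(app);
var io = require('socket.io')(server);
var expresspeerserver = require('./PeerServer.js')(server);

app.use(favicon(__dirname + '/public/favicon/favicon.ico'));
app.use('/peerjs', expresspeerserver);

var MongoStore = require('connect-mongo')(session);

app.use(morgan('dev')); // log every request to the console
//app.use(cookieParser()); // read cookies (needed for auth)
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));

// The secret signs the session-id cookie, so it must not be a value that is
// published in source code. It is read from the environment here; the
// variable name SESSION_SECRET is chosen in this file. The literal fallback
// keeps existing setups running, and it is a widely used example value, so it
// gives no protection outside local development.
var sessionSecret = process.env.SESSION_SECRET;
if (!sessionSecret) {
  console.warn('SESSION_SECRET is not set; using the built-in development secret');
  sessionSecret = "keyboard cat";
}

var sessionMiddleware = session({
  store: new MongoStore({ mongooseConnection: db }),
  saveUninitialized: false,
  resave: false,
  secret: sessionSecret
});

// Order matters: the session must be in place before passport.session()
// tries to restore the user from it.
app.use(sessionMiddleware);
app.use(passport.initialize());
app.use(passport.session());

app.use(express.static(__dirname + '/public'));
app.set('view engine', 'ejs');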
// POST /reg: runs the 'local-reg' strategy first; this handler then logs the
// auth info and echoes back the user object stored in the session.
// NOTE(review): the response body is whatever serializeUser placed in the
// session, including `opts`. Confirm that all of it is meant to reach the
// client.
app.post('/reg', passport.authenticate('local-reg'), function onRegistered(req, res) {
  var sessionUser;

  console.log(req.authInfo);
  console.log('REQ PASSPORT');

  sessionUser = req.session.passport.user;
  console.log(sessionUser);
  res.send(sessionUser);
});
Pardon me if there is a lot of irrelevant code; I just want to be sure that I don't miss anything.
So, in the '/reg' route, after console.log('REQ PASSPORT') I can see the populated user, yet if I reload my simple '/' route:
// GET /: logs the current session, keeps a per-session view counter, and
// renders Test.ejs, with the logged-in user as template data when there is
// one.
app.get('/', function (req, res) {
  var currentSession = req.session;

  console.log('/ SESSION');
  console.log(currentSession);

  if (!currentSession.views) {
    // First visit in this session: start the counter and add a marker value.
    currentSession.views = 1;
    currentSession.testline = 'Hello Session World!';
  } else {
    currentSession.views++;
  }

  if (!req.user) {
    res.render('Test.ejs');
    return;
  }

  // User present, e.g. after coming back from fb auth.
  // NOTE(review): the whole user object is passed as template locals, so
  // every field on it, including anything under `local`, is available to the
  // view. Consider passing only the fields the template needs.
  res.render('Test.ejs', req.user);
});
Here, after console.log('/ SESSION'), I can see that session.passport is {}, which is, as I understand it, completely wrong: after authentication the user was serialized into session.passport and must remain there.
In fact the session (express-session) by itself works perfectly: everything that I save into the session is always there in any req.session, in routes or in sockets (I also use express-session as socket.io middleware). Therefore it's a problem with passport itself, which fails to save itself into the session properly or clears it for some reason.
It seems that I can bypass this problem by calling save() manually on the session object from the passport strategy, manually 'serialising' the info that I want into the req.session object rather than session.passport, but I don't understand why passport doesn't work as intended (or as I think it was intended).
Really hope for reply, again, pardon me for a wall of text.