Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

passport

Package Overview
Dependencies
Maintainers
1
Versions
33
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

passport

Simple, unobtrusive authentication for Node.js.

  • 0.5.3
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
2.9M
increased by1.7%
Maintainers
1
Weekly downloads
 
Created

What is passport?

Passport is an authentication middleware for Node.js that can be used in any Express-based web application. It supports a comprehensive set of strategies to authenticate users using a username and password, Facebook, Twitter, and more.

What are passport's main functionalities?

Local Authentication

This feature allows you to set up local authentication where users can log in with a username and password. The LocalStrategy is used to authenticate users against a local database.

passport.use(new LocalStrategy(
  function(username, password, done) {
    User.findOne({ username: username }, function (err, user) {
      if (err) { return done(err); }
      if (!user) { return done(null, false); }
      if (!user.verifyPassword(password)) { return done(null, false); }
      return done(null, user);
    });
  }
));

OAuth Authentication

Passport can be used to authenticate users using OAuth providers like GitHub, Facebook, Twitter, etc. This code sample demonstrates how to authenticate users with GitHub using the GitHubStrategy.

passport.use(new GitHubStrategy({
    clientID: GITHUB_CLIENT_ID,
    clientSecret: GITHUB_CLIENT_SECRET,
    callbackURL: 'http://yourdomain.com/auth/github/callback'
  },
  function(accessToken, refreshToken, profile, cb) {
    User.findOrCreate({ githubId: profile.id }, function (err, user) {
      return cb(err, user);
    });
  }
));

JWT Authentication

Passport supports JSON Web Tokens (JWT) for securing API endpoints. The JwtStrategy is used to authenticate users based on a JWT token sent in the authorization header.

const JwtStrategy = require('passport-jwt').Strategy,
      ExtractJwt = require('passport-jwt').ExtractJwt;
let opts = {}
opts.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken();
opts.secretOrKey = 'secret';
passport.use(new JwtStrategy(opts, function(jwt_payload, done) {
    User.findOne({id: jwt_payload.sub}, function(err, user) {
        if (err) {
            return done(err, false);
        }
        if (user) {
            return done(null, user);
        } else {
            return done(null, false);
            // or you could create a new account
        }
    });
}));

Other packages similar to passport

Keywords

FAQs

Package last updated on 16 May 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc