Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

passport

Package Overview
Dependencies
Maintainers
1
Versions
33
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

passport - npm Package Versions

234

0.7.0

Diff
jaredhanson
 published 0.7.0 •

Changelog

Source

[0.7.0] - 2023-11-27

Changed

  • Set req.authInfo by default when using the assignProperty option to authenticate() middleware. This makes the behavior the same as when not using the option, and can be disabled by setting authInfo option to false.

0.6.0

Diff
jaredhanson
 published 0.6.0 •

Changelog

Source

[0.6.0] - 2022-05-20

Added

  • authenticate(), req#login, and req#logout accept a keepSessionInfo: true option to keep session information after regenerating the session.

Changed

  • req#login() and req#logout() regenerate the the session and clear session information by default.
  • req#logout() is now an asynchronous function and requires a callback function as the last argument.

Security

  • Improved robustness against session fixation attacks in cases where there is physical access to the same system or the application is susceptible to cross-site scripting (XSS).

0.5.3

Diff
jaredhanson
 published 0.5.3 •

Changelog

Source

[0.5.3] - 2022-05-16

Fixed

  • initialize() middleware extends request with login(), logIn(), logout(), logOut(), isAuthenticated(), and isUnauthenticated() functions again, reverting change from 0.5.1.

0.5.2

Diff
jaredhanson
 published 0.5.2 •

Changelog

Source

[0.5.2] - 2021-12-16

Fixed

  • Introduced a compatibility layer for strategies that depend directly on passport@0.4.x or earlier (such as passport-azure-ad), which were broken by the removal of private variables in passport@0.5.1.

0.5.1

Diff
jaredhanson
 published 0.5.1 •

Changelog

Source

[0.5.1] - 2021-12-15

Added

  • Informative error message in session strategy if session support is not available.

Changed

  • authenticate() middleware, rather than initialize() middleware, extends request with login(), logIn(), logout(), logOut(), isAuthenticated(), and isUnauthenticated() functions.

0.5.0

Diff
jaredhanson
 published 0.5.0 •

Changelog

Source

[0.5.0] - 2021-09-23

Changed

  • initialize() middleware extends request with login(), logIn(), logout(), logOut(), isAuthenticated(), and isUnauthenticated() functions.

Removed

  • login(), logIn(), logout(), logOut(), isAuthenticated(), and isUnauthenticated() functions no longer added to http.IncomingMessage.prototype.

Fixed

  • userProperty option to initialize() middleware only affects the current request, rather than all requests processed via singleton Passport instance, eliminating a race condition in situations where initialize() middleware is used multiple times in an application with userProperty set to different values.

0.4.1

Diff
jaredhanson
 published 0.4.1 •

0.4.0

Diff
jaredhanson
 published 0.4.0 •

0.3.2

Diff
jaredhanson
 published 0.3.2 •

0.3.1

Diff
jaredhanson
 published 0.3.1 •
234
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc