Thanks! Any thoughts on using passport for a restful user account login/registration API? I guess I've been spoiled by how Rails/Django have everything built-in.
It would be much more straight-forward than it would be in Rails. Passport is very easy to use compared to libraries like Devise, and it gives you the option to write your own middleware to use along with it. Middleware in Express is literally just a function you call in between the route parameter and the callback, like so:
Your ensureAuthenticated function would look like this:
function ensureAuthenticated(req, res, next) {
if (req.isAuthenticated()) {
next();
} else {
res.send('You are not authorized to access this page.');
}
}
Passport provides a few of these utility middlewares out of the box. It seems intimidating at first and I could spend a long time explaining it, but it would be much better just to dive in and give it a try. You can even head over to their IRC, which is #passportjs if I remember correctly, and ask which strategy would be best for your application and get started from there.
app.get('/dashboard', ensureAuthenticated(), function(req, res) { });
Your ensureAuthenticated function would look like this:
function ensureAuthenticated(req, res, next) { if (req.isAuthenticated()) { next(); } else { res.send('You are not authorized to access this page.'); } }
Passport provides a few of these utility middlewares out of the box. It seems intimidating at first and I could spend a long time explaining it, but it would be much better just to dive in and give it a try. You can even head over to their IRC, which is #passportjs if I remember correctly, and ask which strategy would be best for your application and get started from there.