Passport.js: The Gatekeeper for Your Routes
Passport.js is a gatekeeper for your Node.js routes, authenticating requests before your application logic runs. It uses pluggable "strategies" for different login types, like local passwords or Google OAuth. The footgun is misconfiguring failure handling.
Passport.js acts as a configurable gatekeeper for your Node.js routes, authenticating requests before they reach your core logic. It uses pluggable "strategies" to handle diverse mechanisms, from local password forms to Google OAuth. Upon success, it populates `req.user` and proceeds. The footgun is forgetting to configure failure redirects for web apps, which results in an API-style 401 error instead of sending the user back to the login page to try again.
Read the original → passportjs.org
- #nodejs
- #express
- #authentication
Get five bites like this every day.
Tezvyn delivers a daily feed of 60-second tech bites with quizzes to lock in what you learn.