tezvyn:

Passport.js: The Local Strategy for Username/Password Auth

Source: passportjs.org · intermediate

Passport's Local Strategy is the bouncer for traditional username/password logins in Node.js. You provide the logic to verify credentials against your database, and Passport handles the session management.

Passport's Local Strategy is a pluggable rulebook for classic username/password authentication in Node.js. You write a single `verify` function to check credentials against your database, and Passport handles the rest. It's the go-to for any Express app with form-based sign-in, giving you full control over your user schema and password hashing. The main footgun is insecure password handling: always hash incoming passwords and use a timing-safe comparison against the stored hash to prevent timing attacks.
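An added example (not code from passportjs.org or from this card) of the `verify` function described above, using Node's built-in `crypto.scryptSync` and `crypto.timingSafeEqual`. The in-memory `users` map, the sample password, and the dummy record used for unknown usernames are assumptions made for illustration.

```javascript
// Added example: a passport-local style verify(username, password, done) callback.
const crypto = require('node:crypto');

const KEYLEN = 64;

// Derive a hash with scrypt; store salt and hash together, never the plaintext.
function hashPassword(password, salt = crypto.randomBytes(16)) {
  const hash = crypto.scryptSync(password, salt, KEYLEN);
  return { salt, hash };
}

// Constructed in-memory user table standing in for the database (assumption).
const users = new Map([
  ['alice', { id: 1, username: 'alice', ...hashPassword('correct horse battery staple') }],
]);

// Dummy record so unknown usernames cost the same scrypt work as known ones.
const DUMMY = hashPassword(crypto.randomBytes(16).toString('hex'));

function verify(username, password, done) {
  try {
    const user = users.get(username);
    const { salt, hash } = user || DUMMY;
    const candidate = crypto.scryptSync(String(password), salt, KEYLEN);
    // timingSafeEqual requires equal-length buffers; both are KEYLEN bytes.
    const match = crypto.timingSafeEqual(candidate, hash);
    if (!user || !match) {
      // Same message for both cases: do not reveal which usernames exist.
      return done(null, false, { message: 'Incorrect username or password.' });
    }
    // Hand Passport only what the session needs, never the salt or hash.
    return done(null, { id: user.id, username: user.username });
  } catch (err) {
    return done(err);
  }
}

// Registration with Passport (requires the passport and passport-local packages):
//   passport.use(new LocalStrategy(verify));
```

In a real application the map lookup becomes a database query and the synchronous `scryptSync` call is usually replaced by the asynchronous `crypto.scrypt` so hashing does not block the event loop.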
