passport local strategy not getting called
node.jsExpresspassport.jsnode.js Problem Overview
I'm sure I'm missing something really obvious here, but I can't figure this out. The function I've passed to the LocalStrategy constructor doesn't get called when the login form gets submitted.
Code:
var express = require('express');
var http = require('http');
var path = require('path');
var swig = require('swig');
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
passport.serializeUser(function(user, done) {
console.log('Serialize user called.');
done(null, user.name);
});
passport.deserializeUser(function(id, done) {
console.log('Deserialize user called.');
return done(null, {name: 'Oliver'});
});
passport.use(new LocalStrategy(
function(username, password, done) {
console.log('local strategy called with: %s', username);
return done(null, {name: username});
}));
var app = express();
app.set('port', process.env.PORT || 3000);
app.set('view engine', 'swig');
app.set('views', __dirname + '/views');
app.use(express.favicon());
app.use(express.logger('dev'));
app.use(express.bodyParser());
app.use(express.methodOverride());
app.use(express.cookieParser('asljASDR2084^^!'));
app.use(express.session());
app.use(passport.initialize());
app.use(passport.session());
app.use(app.router);
app.use(require('less-middleware')({ src: __dirname + '/public' }));
app.use(express.static(path.join(__dirname, 'public')));
app.use(express.errorHandler({ dumpExceptions:true, showStack:true }));
app.engine('swig', swig.renderFile);
app.post('/auth', passport.authenticate('local'));
app.get('/login', function(req, res) {
// login is a simple form that posts username and password /auth
res.render('login', {});
});
http.createServer(app).listen(app.get('port'), function(){
console.log('Express server listening on port ' + app.get('port'));
});
The form on my /login page is cut and pasted from the passport docs except that I changed it to submit to /auth instead of /login:
<form action="/auth" method="post">
<div>
<label>Username:</label>
<input type="text" name="username"/>
</div>
<div>
<label>Password:</label>
<input type="password" name="password"/>
</div>
<div>
<input type="submit" value="Log In"/>
</div>
</form>
When I sumit the login form, the following gets logged
GET /login 200 5ms - 432b
POST /auth 401 6ms
Note that "local strategy called" is never logged.
Why isn't the function I passed to LocalStrategy getting called?
node.js Solutions
Solution 1 - node.js
I recently came across this problem and it can be caused by a number of things. First thing to check is ensuring that the bodyParser is set up for express, which I see that you have done.
app.use(express.bodyParser());
The next thing is ensuring that the form you are submitting to the route contains both a username
AND password
, and the user must also enter something in both fields. I was stumped for a bit testing it and not actually putting anything in the password field while testing :) Passport requires BOTH to execute the LocalStrategy verification function passed to passport.authenticate('local')
.
Your example also seems to be set up to capture both username and password properly, but in any case, you should try testing that the body is being parsed properly even without passport:
app.post('/auth', function(req, res){
console.log("body parsing", req.body);
//should be something like: {username: YOURUSERNAME, password: YOURPASSWORD}
});
Else
Did you try adding a request handler to your /auth
route?
app.post('/auth', passport.authenticate('local'), function(req, res){
console.log("passport user", req.user);
});
or
app.post('/auth', passport.authenticate('local', { successRedirect: '/', failureRedirect: '/auth' }));
Solution 2 - node.js
I encountered the same problem when I set up my own route handler from which I called passport.authenticate (). I forgot that passport.authenticate returns middleware that must be invoked, so just calling passport.authenticate isn't sufficient. Then I replaced
router.post("/",
function(req,res,next){
passport.authenticate("local", function(err, user, info){
// handle succes or failure
});
})
with
router.post("/",
function(req,res,next){
passport.authenticate("local", function(err, user, info){
// handle succes or failure
})(req,res,next);
})
Solution 3 - node.js
You get 401 when you using different username, password input fields than the default ones. You have to provide that in your LocalStrategy like this :
passport.use(new LocalStrategy({
usernameField: 'login',
passwordField: 'password'
},
function(username, password, done) {
...
}
));
Default is username
and password
I think. See the docs here.
Solution 4 - node.js
I think you submit the form with username or password field empty.
If you fill both inputs then submit, LocalStrategy will be called.
Solution 5 - node.js
For Express 4.x:
// Body parser
var bodyParser = require('body-parser');
app.use(bodyParser.urlencoded({ extended: false })) // parse application/x-www-form-urlencoded
app.use(bodyParser.json()) // parse application/json
Solution 6 - node.js
I also banged my head for the same problem for few hours. I was having everything in place as told by other answers like
- Form was returning all fields.
- body parser was setup correctly with extended:true
- Passport with every setting and configuration.
But i have changed username field with phoneNumber and password. By changing code like below solved my problem
passport.use('login', new LocalStrategy(
{usernameField:'phoneNumber',
passwordField:'password'},
function (username, password, done) {
// your login goes here
})
);
If anyone want i can write the whole authentication procedure for phonenumber using mongodb and passport-local.
Thanks @user568109
Solution 7 - node.js
My problem was, that I had the enctype='multipart/form-data'. Just change that to multipart='urlencoded'. And I think that will solve it.
Solution 8 - node.js
To capture both username
and passport
make sure to add:
app.use(express.urlencoded());
In my case, I was using app.use(express.json());
and was posting the username and password from <form>
.
Solution 9 - node.js
It's possible your request wasn't formatted properly (particularly the body of it) and your username and password weren't being sent when you thought they were.
Here is an example of an API call wrapper that enforces your request body is parsed as json:
Api = {};
Api.request = (route, options) => {
options = options || {};
options.method = options.method || 'GET';
options.credentials = 'include';
if (options.method === 'POST') {
options.headers = {
'Accept': 'application/json',
'Content-Type': 'application/json',
};
options.body = JSON.stringify(options.data) || '{}';
}
fetch(absoluteUrl + '/api/' + route, options)
.then((response) => response.json())
.then(options.cb || (() => {}))
.catch(function(error) {
console.log(error);
});
};
It can be used this way:
Api.request('login', {
data: {
username: this.state.username,
password: this.state.password
},
method: 'POST',
cb: proxy((user) => {
console.log(user);
}, this)
});
Solution 10 - node.js
For me everything was setup properly.. The issue was that I was collecting form data and then creating a json from form data and send it like JSON.stringify(formdatajson) to server. (For me login form was a popup on screen)
I Found my mistake by debugging passportjs...
If you also have same problem and none of the above solution seems working for you then debug passportjs.
open
strategy.js
put debugger in below method.
Strategy.prototype.authenticate
Check what form data is coming for you. Hope this help ...
Solution 11 - node.js
-
npm install passport-local
-
var passport = require('passport') , LocalStrategy = require('passport-local').Strategy;
According to passportjs.org and it worked for me!
Solution 12 - node.js
Yet another possiblity: For me I had accidentally defined my routes before my body-parser middleware so body-parser was never active for the login route.
Solution 13 - node.js
Hope it always someone - in my case it was the fact that I tried I used passport middleware before cookieParser and express-session ones This was my code:
passportConfig(app);
app.use(cookieParser());
app.use(session({ secret: 'bla' }));
Changed passportConfig to be down and it worked:
app.use(cookieParser());
app.use(session({ secret: 'bla' }));
passportConfig(app);
Solution 14 - node.js
For me it wasn't working because i'd set different name in my login form to that in my passport.js ,It worked for me when i changed user.name
in serializeUser to user.username
.
passport.serializeUser(function (user, done) {
done(null, user.username)
})
passport.deserializeUser(function (username, done) {
Users.findOne({
username: username
}).then((user) => {
if (!user) {
return done(new Error("No such user"))
}
return done(null, user)
}).catch((err) => {
done(err)
})
})
Solution 15 - node.js
Check your form in your views if you included a name property in the form or input type and it corresponds to the arguments passed to the localStrategy callback function.