| [484] | 1 | # Passport |
|---|
| 2 | |
|---|
| 3 | Passport is [Express](http://expressjs.com/)-compatible authentication |
|---|
| 4 | middleware for [Node.js](http://nodejs.org/). |
|---|
| 5 | |
|---|
| 6 | Passport's sole purpose is to authenticate requests, which it does through an |
|---|
| 7 | extensible set of plugins known as _strategies_. Passport does not mount |
|---|
| 8 | routes or assume any particular database schema, which maximizes flexiblity and |
|---|
| 9 | allows application-level decisions to be made by the developer. The API is |
|---|
| 10 | simple: you provide Passport a request to authenticate, and Passport provides |
|---|
| 11 | hooks for controlling what occurs when authentication succeeds or fails. |
|---|
| 12 | |
|---|
| 13 | ## Install |
|---|
| 14 | |
|---|
| 15 | $ npm install passport |
|---|
| 16 | |
|---|
| [489] | 17 | ###### Donate |
|---|
| 18 | |
|---|
| 19 | Using Passport in your project? [Donations](https://www.gittip.com/jaredhanson/) |
|---|
| 20 | are greatly appreciated and help support development of this and other quality |
|---|
| 21 | modules. |
|---|
| 22 | |
|---|
| [484] | 23 | ## Usage |
|---|
| 24 | |
|---|
| 25 | #### Strategies |
|---|
| 26 | |
|---|
| 27 | Passport uses the concept of strategies to authenticate requests. Strategies |
|---|
| 28 | can range from verifying username and password credentials, delegated |
|---|
| 29 | authentication using [OAuth](http://oauth.net/) (for example, via [Facebook](http://www.facebook.com/) |
|---|
| 30 | or [Twitter](http://twitter.com/)), or federated authentication using [OpenID](http://openid.net/). |
|---|
| 31 | |
|---|
| 32 | Before authenticating requests, the strategy (or strategies) used by an |
|---|
| 33 | application must be configured. |
|---|
| 34 | |
|---|
| 35 | passport.use(new LocalStrategy( |
|---|
| 36 | function(username, password, done) { |
|---|
| 37 | User.findOne({ username: username, password: password }, function (err, user) { |
|---|
| 38 | done(err, user); |
|---|
| 39 | }); |
|---|
| 40 | } |
|---|
| 41 | )); |
|---|
| 42 | |
|---|
| 43 | #### Sessions |
|---|
| 44 | |
|---|
| 45 | Passport will maintain persistent login sessions. In order for persistent |
|---|
| 46 | sessions to work, the authenticated user must be serialized to the session, and |
|---|
| 47 | deserialized when subsequent requests are made. |
|---|
| 48 | |
|---|
| 49 | Passport does not impose any restrictions on how your user records are stored. |
|---|
| 50 | Instead, you provide functions to Passport which implements the necessary |
|---|
| 51 | serialization and deserialization logic. In a typical application, this will be |
|---|
| 52 | as simple as serializing the user ID, and finding the user by ID when |
|---|
| 53 | deserializing. |
|---|
| 54 | |
|---|
| 55 | passport.serializeUser(function(user, done) { |
|---|
| 56 | done(null, user.id); |
|---|
| 57 | }); |
|---|
| 58 | |
|---|
| 59 | passport.deserializeUser(function(id, done) { |
|---|
| 60 | User.findById(id, function (err, user) { |
|---|
| 61 | done(err, user); |
|---|
| 62 | }); |
|---|
| 63 | }); |
|---|
| 64 | |
|---|
| 65 | #### Middleware |
|---|
| 66 | |
|---|
| 67 | To use Passport in an [Express](http://expressjs.com/) or |
|---|
| 68 | [Connect](http://senchalabs.github.com/connect/)-based application, configure it |
|---|
| 69 | with the required `passport.initialize()` middleware. If your application uses |
|---|
| 70 | persistent login sessions (recommended, but not required), `passport.session()` |
|---|
| 71 | middleware must also be used. |
|---|
| 72 | |
|---|
| 73 | app.configure(function() { |
|---|
| 74 | app.use(express.static(__dirname + '/../../public')); |
|---|
| 75 | app.use(express.cookieParser()); |
|---|
| 76 | app.use(express.bodyParser()); |
|---|
| 77 | app.use(express.session({ secret: 'keyboard cat' })); |
|---|
| 78 | app.use(passport.initialize()); |
|---|
| 79 | app.use(passport.session()); |
|---|
| 80 | app.use(app.router); |
|---|
| 81 | }); |
|---|
| 82 | |
|---|
| 83 | #### Authenticate Requests |
|---|
| 84 | |
|---|
| 85 | Passport provides an `authenticate()` function, which is used as route |
|---|
| 86 | middleware to authenticate requests. |
|---|
| 87 | |
|---|
| 88 | app.post('/login', |
|---|
| 89 | passport.authenticate('local', { failureRedirect: '/login' }), |
|---|
| 90 | function(req, res) { |
|---|
| 91 | res.redirect('/'); |
|---|
| 92 | }); |
|---|
| 93 | |
|---|
| 94 | ## Strategies |
|---|
| 95 | |
|---|
| [489] | 96 | Passport has a comprehensive set of **over 140** authentication strategies |
|---|
| [484] | 97 | covering social networking, enterprise integration, API services, and more. |
|---|
| 98 | The [complete list](https://github.com/jaredhanson/passport/wiki/Strategies) is |
|---|
| 99 | available on the [wiki](https://github.com/jaredhanson/passport/wiki). |
|---|
| 100 | |
|---|
| 101 | The following table lists commonly used strategies: |
|---|
| 102 | |
|---|
| 103 | |Strategy | Protocol |Developer | |
|---|
| 104 | |---------------------------------------------------------------|--------------------------|------------------------------------------------| |
|---|
| 105 | |[Local](https://github.com/jaredhanson/passport-local) | HTML form |[Jared Hanson](https://github.com/jaredhanson) | |
|---|
| 106 | |[OpenID](https://github.com/jaredhanson/passport-openid) | OpenID |[Jared Hanson](https://github.com/jaredhanson) | |
|---|
| 107 | |[BrowserID](https://github.com/jaredhanson/passport-browserid) | BrowserID |[Jared Hanson](https://github.com/jaredhanson) | |
|---|
| 108 | |[Facebook](https://github.com/jaredhanson/passport-facebook) | OAuth 2.0 |[Jared Hanson](https://github.com/jaredhanson) | |
|---|
| 109 | |[Google](https://github.com/jaredhanson/passport-google) | OpenID |[Jared Hanson](https://github.com/jaredhanson) | |
|---|
| 110 | |[Google](https://github.com/jaredhanson/passport-google-oauth) | OAuth / OAuth 2.0 |[Jared Hanson](https://github.com/jaredhanson) | |
|---|
| 111 | |[Twitter](https://github.com/jaredhanson/passport-twitter) | OAuth |[Jared Hanson](https://github.com/jaredhanson) | |
|---|
| 112 | |
|---|
| [489] | 113 | ## Examples |
|---|
| 114 | |
|---|
| 115 | - For a complete, working example, refer to the [login example](https://github.com/jaredhanson/passport-local/tree/master/examples/login) |
|---|
| 116 | included in [passport-local](https://github.com/jaredhanson/passport-local). |
|---|
| 117 | - Please refer to this [tutorial](http://mherman.org/blog/2013/11/10/social-authentication-with-passport-dot-js/) on setting up various social authentication strategies, including a working example found on this [repo](https://github.com/mjhea0/passport-examples). |
|---|
| 118 | |
|---|
| [484] | 119 | ## Related Modules |
|---|
| 120 | |
|---|
| 121 | - [Locomotive](https://github.com/jaredhanson/locomotive) â Powerful MVC web framework |
|---|
| 122 | - [OAuthorize](https://github.com/jaredhanson/oauthorize) â OAuth service provider toolkit |
|---|
| 123 | - [OAuth2orize](https://github.com/jaredhanson/oauth2orize) â OAuth 2.0 authorization server toolkit |
|---|
| 124 | - [connect-ensure-login](https://github.com/jaredhanson/connect-ensure-login) â middleware to ensure login sessions |
|---|
| 125 | |
|---|
| 126 | The [modules](https://github.com/jaredhanson/passport/wiki/Modules) page on the |
|---|
| 127 | [wiki](https://github.com/jaredhanson/passport/wiki) lists other useful modules |
|---|
| 128 | that build upon or integrate with Passport. |
|---|
| 129 | |
|---|
| 130 | ## Tests |
|---|
| 131 | |
|---|
| 132 | $ npm install --dev |
|---|
| 133 | $ make test |
|---|
| 134 | |
|---|
| 135 | [](http://travis-ci.org/jaredhanson/passport) |
|---|
| 136 | |
|---|
| 137 | ## Credits |
|---|
| 138 | |
|---|
| 139 | - [Jared Hanson](http://github.com/jaredhanson) |
|---|
| 140 | |
|---|
| 141 | ## License |
|---|
| 142 | |
|---|
| 143 | [The MIT License](http://opensource.org/licenses/MIT) |
|---|
| 144 | |
|---|
| 145 | Copyright (c) 2011-2013 Jared Hanson <[http://jaredhanson.net/](http://jaredhanson.net/)> |
|---|
