I am using Express 4 with Node.js - I have successfully implemented Passport to authenticate with a username/password. But how do I get Passport to authenticate with just session information?
How would I create a custom Passport strategy to take the session info and compare it with a particular user's info?
I am looking for this:
passport.use(new SessionStrategy(function(req,res,done){
if(req.session blah blah blah){
???
}
});
);
I really have no idea what the best way to do this is. Perhaps I store the user's latest session information on the backend-database. So instead of finding a user with their username, I find a user with the sessionid?
One answer seems to be the following:
This is the code to put the session-id into a cookie and retrieve the data when the user comes back. No strategy required.
passport.serializeUser(function(user, done) {
done(null, user.id);
});
passport.deserializeUser(function(id, done) {
User.findById(id, function (err, user) {
done(err, user);
});
});