username or password failure message in Passport.js

0
votes

I have a login created in Express with the use of Passport.js. Now I have everything setup and when username and password are correct it will redirect to the user page. But now I want to show a message when the credentials are incorrect. Right now it leads to a blank page with an auto message of 'unauthorized'

This is my passport.js setup:

App.js:

var mongoose = require('mongoose');
mongoose.Promise = global.Promise;
mongoose.connect('mongodb://localhost:27017/homeapp');

var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;

app.use(require('express-session')({
  secret: 'testtest',
  resave: false,
  saveUninitialized: false
}));
app.use(passport.initialize());
app.use(passport.session());
var User = require('./models/User');
passport.use(new LocalStrategy(User.authenticate()));
passport.serializeUser(User.serializeUser());
passport.deserializeUser(User.deserializeUser());

Index.js

var express = require('express');
var router = express.Router();
var auth = require('../controller/AuthController.js');

router.get('/', auth.home);

router.get('/login', auth.login);

router.post('/login', auth.doLogin);

router.get('/logout', auth.logout);

module.exports = router;

Users.js:

var mongoose = require('mongoose');
var Schema = mongoose.Schema;
var passportLocalMongoose = require('passport-local-mongoose');

var UserSchema = new Schema({
    username: String,
    password: String
}, {collection: 'userdata'});

UserSchema.plugin(passportLocalMongoose);

module.exports = mongoose.model('User', UserSchema);

AuthController.js:

var mongoose = require("mongoose");
var passport = require("passport");
var User = require("../models/User");

var userController = {};

userController.home = function(req, res) {
  res.render('index', { user : req.user });
};

userController.login = function(req, res) {
  res.render('login');
};

userController.doLogin = function(req, res){
  passport.authenticate('local')(req, res, function(){
    res.redirect('/');
  });
};

userController.logout = function(req, res) {
  req.logout();
  res.redirect('/');
};

module.exports = userController;
1
node.jsexpressloginpassport.js

1 Answers

1
votes

You can do modification in your code like this :

userController.doLogin = function(req, res){
  passport.authenticate('local', { successRedirect: '/',
                                   failureRedirect: '/login',
                                   failureFlash: true })

 passport.authenticate('local', { failureFlash: 'Invalid username or 
 password.' });

};

Setting the failureFlash option to true instructs Passport to flash an error message using the message given by the strategy's verify callback, if any. This is often the best approach, because the verify callback can make the most accurate determination of why authentication failed.

As ,i have seen you are using passport custom callback method for this you can do like this:

userController.doLogin = function(req, res){
 passport.authenticate('local', function(err, user) {
    if (err) { return next(err); }
   if (!user) { return res.json('invalid credentials'); }
 req.logIn(user, function(err) {
  if (err) { return next(err); }
  return res.redirect('/');
});
})(req, res);
};