I have implemented passportJS in my node application. After logging in I get an object which I place in the session. This is the object:
{ loginStatus: 'SUCCESS',
orgRoles: { '7': 'ALL' },
orgNames: { '7': 'kianoshp@gmail.com' },
loginId: 4,
message: 'Success',
success: true }
This is the passport configuration (in coffeescript):
passport.serializeUser (user, done) ->
console.log 'serializing', user
done null, user
passport.deserializeUser (user, done) ->
console.log 'deserializing', user
done null, user
#passport LocalStrategy
passport.use new LocalStrategy
usernameField: 'email'
passwordField: 'password'
,
(username, password, done) ->
validateUser username, password, done
validateUser = (username, password, done) ->
console.log 'loginName is --> ' + username + ' password --> ' + password
options =
protocol: API_PROTOCOL
host: API_HOST
pathname: '/appservices/login'
reqURL = url.format options
requestOptions =
headers:
'Content-type': 'application/json; charset=utf-8'
body: JSON.stringify
loginName: username
password: password
method: 'POST'
request reqURL, requestOptions, (error, response, body) ->
console.log 'body is --> ' + body
resObj = JSON.parse body.toString()
console.log 'loginStatus is --> ' + resObj.loginStatus
if resObj.loginStatus is 'FAIL' or resObj.loginStatus is 'INVALID_PASSWORD' or resObj.loginStatus is 'LOGIN_NOT_FOUND'
return done null, false,
message: 'We couldn\'t find that email/password, please try again.'
if resObj.loginStatus is 'ACCOUNT_LOCKED'
return done null, false,
message: 'The user has been locked out due to too many unsuccessful login attempts or the admin has locked the account. Please contact admin or customer support.'
if resObj.loginStatus is 'NO_LOGIN_DOMAIN_AVAILABLE'
return done null, false,
message: 'The login attempt is valid but there is no registered domain that the login can access. Please contact admin or customer support.'
if resObj.loginStatus isnt 'SUCCESS'
return done null, false,
message: 'The login attempt has failed. If you feel this is an error please try again or contact admin/customer support.'
done null, resObj
app.configure ->
#app.use express.logger()
app.use express.static(__dirname + '/public')
app.use express.cookieParser()
app.use express.bodyParser()
app.use express.methodOverride()
app.use express.session
secret: '###########'
store: new RedisStore()
cookie:
maxAge: 3600000
app.use flash()
app.use passport.initialize()
app.use passport.session()
app.set 'view engine', 'jade'
app.set 'views', __dirname + '/views'
app.use app.router
The output I see:
serializing { loginStatus: 'SUCCESS',
orgRoles: { '7': 'ALL' },
orgNames: { '7': 'kianoshp@gmail.com' },
loginId: 4,
message: 'Success',
success: true }
deserializing { loginStatus: 'SUCCESS',
orgRoles: { '7': 'ALL' },
orgNames: { '7': 'kianoshp@gmail.com' },
loginId: 4,
message: 'Success',
success: true }
I would like to be able to access that I placed in the session and get values out of it. For example, when I make a GET request, I would like to be able do the following:
app.get '/threatStatus', (res, req) ->
#I would like to retrieve the loginId for the user that I placed in the session
Any help is greatly appreciated!!
Cheers,
Kianosh
Update:
I was able to get the data I needed by making the following call:
app.get '/threatStatus', (res, req) ->
console.log req.req.user
Which outputs the following:
{ loginStatus: 'SUCCESS',
orgRoles: { '7': 'ALL' },
orgNames: { '7': 'kianoshp@gmail.com' },
loginId: 4,
message: 'Success',
success: true }
Which begs the question, is this correct? Should I have to dive deep into the request object in order to get this data? Is ‘req.req.user’ correct?
The user object should be retrieved via
req.user.You may verify if a user has logged in via
req.isAuthenticated()to avoid handling an undefined req.user.