Comments (9)
I don't talk about "handling express-session
" and so to "have additional modules" for each strategy
I talk about handling the core passport feature of "session"
This "core" is probably used by more than one strategy
And "session" should be easy to do, because so many people are just putting their JWTs in LocalStorage to reinvent the wheel
from passport.
at least we should document it.
the current document about @nestjs/passport miss quite a lot of important but very detailed features and considering only stateless backend using jwt
from passport.
@Nabellaleen any update on this?
from passport.
You can use MiddlewareConsumer
for this: https://docs.nestjs.com/middleware#middleware-consumer
from passport.
Please read again my message.
The consumer
variable in the "monkey-patch" I've done, is a usage of MiddlewareConsumer
.
The problem is not there, the problem is : the @nestjs/passport
should register correctly the passport
middlewares.
And I can give a hand, but here, I'm out of my skills, because it's not as simple as adding this configure(consumer)
method, because the options
are not available in configure
.
from passport.
While waiting for an update of the library, I've created my own module, but it's stay a hack, because it should be handled by the library.
import { DynamicModule, MiddlewareConsumer, RequestMethod } from '@nestjs/common'
import * as passport from 'passport'
const DEFAULT_ROUTES = [{ path: '*', method: RequestMethod.ALL }]
export class PassportSessionModule {
static register(): DynamicModule {
return {
module: PassportSessionModule,
}
}
configure(consumer: MiddlewareConsumer) {
console.log('init')
const middlewares = [
passport.initialize(),
passport.session(),
]
consumer
.apply(...middlewares)
.forRoutes(...DEFAULT_ROUTES)
}
}
from passport.
What if you are using a strategy that doesn't rely on sessions, like JWT? Should it be still bind a session middleware? Should Nest also bind express-session
, as Passport doesn't play well with Fastify, or should it leave that up to the developer? There's too many options around Passport to delegate it to the base module, in my opinion.
from passport.
As nestjs provide a @nestjs/passport
module to handle passport ... so yes, this module should allow all passport usages
The question is more "how" ; "how" could we handle this usages without over-engineering anything ?
It could by providing additional modules, it could be throught module parameters. But it has to be handled somewhere, at least in the documentation.
from passport.
I feel that having additional modules for each passport strategy is just gonna start over-engineering the main passport module, which is meant to basically be a wrapper around all passport strategies. If I'm being honest, I think this should just be an update to the docs as a warning and leaving it up to the developer.
from passport.
Related Issues (20)
- passport-steam Guide will be appreciated HOT 1
- How about changing the constructor parameter type of PassportStrategy like this? HOT 1
- validate(payload: any) in Implementing Passport JWT doc it's not correct HOT 2
- AuthGuard on Local Strategy return undefinded HOT 1
- overwhelmed by error logs HOT 6
- Pretty magical thing: request.authInfo = undefined and behavior is very strange HOT 3
- Unable to preserve session in passport v0.6.0 HOT 2
- v10 does not allow typing on custom `getRequest` method in class with extended AuthGuard HOT 1
- AuthGuard does not work with authentication-only strategies HOT 1
- Support for [email protected] HOT 3
- using @Inject(REQUEST) req breaks passport. HOT 4
- Guard Order Scope affects order of execution HOT 2
- Can a new release be pushed? HOT 3
- Nest can't resolve dependencies of the JwtAuthenticationGuard after upgrade 8.1.0 to 8.1.1 HOT 9
- Cannot read properties of undefined (reading 'property') HOT 1
- Using custom passport from a different package causes error HOT 1
- Dependency tree discrepancy HOT 2
- PassportStrategy interface does not contain validate() HOT 2
- The defaultStrategies cannot be set during runtime in the AuthGuard HOT 1
- Typing of the result of getAuthenticateOptions is misleading/incorrect HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from passport.