Use everyauth's authenticate method inside a route that is exposed via API?

Question

Using express.js and everyauth with mongoose-auth, how can I create an external authentication route for an API I'm creating? I want to do this to authenticate a native iOS app against the user records in my MongoDB.

So for example, here's some semi-faux code:

app.post('/api/auth', function(req, res){
  if(everyauth.authenticate(req.username, req.password)){
    res.json({success:true});
  }
});

So my question is, How do I utilize everyauth/mongoose-auth's authentication from outside of everyauth's typical methods and views?

score 0 · Accepted Answer · answered May 17 '12 at 20:24

Answering my own question after doing some more digging.

The following seems to work for my needs. It returns the user record if the authentication is successful. I'm just responding with a basic success true/false message for testing purposes. This assumes that User is the model that you used for mongoose-auth.

User.authenticate(req.body.email, req.body.password, function(err, userdoc){
  if (userdoc){
    res.json({success:true});
  }
  else {
    res.json({success:false});
  }
});

Use everyauth's authenticate method inside a route that is exposed via API?

1 Answers1