I'm stuck.
Can Featherjs with Passport authenticate with the local strategy and not have sessions enabled?
When I do enable sessions the first request is not authorised, but the second one is because the cookie from the first request is used. I don't want cookies used.
I've setup my code like:
var hooks = require('feathers-hooks');
var bodyParser = require('body-parser');
var session = require('express-session');
var passport = require('passport');
var feathers = require('feathers');
var feathersPassport = require('feathers-passport');
var LocalStrategy = require('passport-local').Strategy;
var app = feathers();
var LocalStrategy = require('passport-local').Strategy;
passport.use(new LocalStrategy(function (username, password, done) {
done(null, "userid here");
}));
//Use the id to serialize the user
passport.serializeUser(function (user, done) {
done(null, user);
});
// Deserialize the user retrieving it form the user service
passport.deserializeUser(function (id, done) {
done(null, "userid here");
});
var myService = {
find: function (params, callback) {
if (params.user) {
console.log('yeh');
}
else {
callback('not authorized', null);
}
}
};
// A shared session store must be provided.
//TODO This MemoryStore is not recommended for production
var store = new session.MemoryStore();
// Initialize the application
app.configure(feathers.rest())
.configure(hooks())
.configure(feathersPassport({
secret: 'feathers-rocks',
store: store
}));
app.use(bodyParser.urlencoded({extended: true}));
app.use('/should/be/protected', passport.authenticate('local', {session: true}), myService);
app.listen(4000);
