I have been working with passport local-strategy for a little while now and noticed that the failureFlash boolean doesnt seem too impact whether or not a flash message is shown or not. This is the code:
app.post('/login', passport.authenticate('local', {
successRedirect: '/',
failureRedirect: '/',
failureFlash: false
})
somewhere in the local-strategy:
return done(null, false, req.flash('error','Invalid username or password.'));
When the page renders:
res.render(__dirname + '/../public/views/main',{ error: req.flash('error')});
In this scenario a flash message is sent to the client which doesn't make sense to me, shouldn't this only be possible if failureflash is true? Any help much appreciated.
