express_passportjs_local_strategy_session_authentication.ts

1import express, { Request, Response, NextFunction } from 'express';
2import passport from 'passport';
3import { Strategy as LocalStrategy } from 'passport-local';
4import session from 'express-session';
5
6const app = express();
7
8// Configure the local strategy for use by Passport.
9//
10// The local strategy requires a `verify` function which receives the credentials
11// (`username` and `password`) submitted by the user.
12passport.use(new LocalStrategy(
13  (username, password, cb) => {
14    // In a real application, you would query your database here.
15    if (username === 'user' && password === 'password') {
16      return cb(null, { id: '1', username: 'user' });
17    }
18    return cb(null, false, { message: 'Incorrect username or password.' });
19  }
20));
21
22// Configure Passport authenticated session persistence.
23//
24// In order to restore authentication state across HTTP requests, Passport needs
25// to serialize users into and deserialize users out of the session.
26passport.serializeUser((user: any, cb) => {
27  cb(null, user.id);
28});
29
30passport.deserializeUser((id: string, cb) => {
31  // Look up user by id in database
32  cb(null, { id: '1', username: 'user' });
33});
34
35// Middleware setup
36app.use(express.urlencoded({ extended: false }));
37app.use(session({
38  secret: 'keyboard cat',
39  resave: false,
40  saveUninitialized: false
41}));
42app.use(passport.initialize());
43app.use(passport.session());
44
45// Routes
46app.post('/login', 
47  passport.authenticate('local', { failureRedirect: '/login' }),
48  (req: Request, res: Response) => {
49    res.redirect('/');
50  }
51);
52
53app.get('/logout', (req: Request, res: Response, next: NextFunction) => {
54  req.logout((err) => {
55    if (err) { return next(err); }
56    res.redirect('/');
57  });
58});
59
60app.listen(3000, () => {
61  console.log('Server started on http://localhost:3000');
62});