Passport-local: Always return "missing credentials"
This is my implementation with coffeescript and Express 4
passport.use new LocalStrategy
usernameField:'emailAddress'
,(username,password,done) ->
console.log('credentials passed to passport' + username + '' + password)
User.findOne emailAddress:username,(err,user) ->
if err then return done(err)
if not user
return done(null,false,message:'Incorrect data')
bcrypt.compare password,user.password, (err,isMatch) ->
if err then return done(err)
if isMatch then return done(null,user)
else return done(null,false,message:'Incorrect data')
#Authenticate user
app.post '/api/v1/auth/login',(req,res,next) ->
passport.authenticate('local',(err,user,info) ->
error = err or info
if error then return res.status(400).json {user:null,state:'failure',error:error}
req.logIn user,(err) ->
if err then return res.status(400).json {user:null,state:'failure',error:err}
res.status(200).json {user:req.user,state:'success'}
) req,res,next
I'm also using a linkedIn-strategy
I testing with an angular app and also with
curl -v -d '{"emailAddress":"[email protected]","password":"test"}' http://127.0.0.1:8070/api/v1/auth/login --trace-ascii /dev/stdout -H "Content-Type: application/json"
But I only get this
{"user":null,"state":"failure","error":{"message":"Missing credentials"}}
can you see the problem?
matiasfha
All 15 comments
I have similar issue. new LocalStrategy never gets called.
xpepermint
on 14 Apr 2015
Is your request body being parsed?
GochoMugo
on 14 Jun 2015
my problem was not including the body-parser middleware. Thanks for the hint @GochoMugo
sirkitree
on 27 Jul 2015
Answered by @GochoMugo. Closing.
jaredhanson
on 15 Aug 2015
ughhh I thought the authentication info was in req.headers not req.body...
the1mills
on 26 Oct 2015
hey i have bodyParser in my app.js but still getting the same message why???
shoaibnoor95
on 23 Feb 2018
I have face same problem that
{message : credential messing} but if I use
Req.body.email it show [email protected]
But if I use console.log (usr + err)
false , null
Saifaligour
on 21 Aug 2018
i got my issue solved by replacing "email" with "username" in all files.
haidarIqbal
on 12 Apr 2019
_i do not know if it would be helpful to somebody but_ : i solved the same problem by checking the password input name , it had a capital P !
abayoss
on 8 Jun 2019
Mee too, resolved by Password -> password
batrasagar
on 24 Dec 2019
yes the password changing did worked for me. from P to p
vickyktk
on 2 Feb 2020
My problem was that I was using bodyParser to parse request body as json:
app.use(bodyParser.json());
If you have an html form and are posting username/password to the server, you need to ask bodyparser to parse urlencoded body:
app.use(bodyParser.urlencoded({ extended: false }));
mansoor-omrani
on 21 May 2020
had the same error but now it has fixed..
insetead of just username i have used usernameField
passport.use(new LocalStrategy({usernameField:'email'},
pratiktmg19
on 30 May 2020
works with
passport.use(new LocalStrategy({
usernameField: 'user[email]',
passwordField: 'user[password]',
}, (email, password, done) => {
instead of
passport.use(
new LocalStrategy(async (email: string, password: string, done: Function) => {
const user: User | null = await User.findOne({ where: { email } })
if (!user) {
return done(null, false, { message: 'Incorrect email.' })
}
if (user.password !== password) {
// todo user.validPassword
return done(null, false, { message: 'Incorrect password.' })
}
return done(null, user)
})
)
guoxiangke
on 4 Aug 2020
I have the same problem I tried all of this and it's not working.
passport.use(
new LocalStrategy(
{
usernameField: "email",
passwordField: "password",
},
async (email, password, done) => {
try {
const user = await Users.findOne({
where: {
email,
},
});
JoakoV3
on 20 Mar 2021
Related issues
coder90
路
5Comments
jacargentina
路
7Comments
meepeek
路
4Comments
EvHaus
路
25Comments
JonathanSum
路
11Comments
Most helpful comment
Is your request body being parsed?