Passport: PassportJS login fails (Local Strategy) silently

Created on 9 Sep 2015  Â·  9Comments  Â·  Source: jaredhanson/passport

Hi all.

Fairly vanilla implementation here, however on login I get a _successful_ failureRedirect trigger, despite none of my console log messages occurring in my strategy. This leads me to believe that PassportJS is eating an exception somewhere.

Stack:
Node v.12
Sequelize ORM on top of PostGres

Passport initialization :

var passport = require('passport')
  , LocalStrategy = require('passport-local').Strategy;

passport.use(new LocalStrategy(
  function(username, password, done) {
    console.log("USING PASSPORTJS");
    db.Admin.findOne({ username: username })
    .then(function(admin){
      if (!admin.validPassword(password)) {
        console.log('Invalid password');
        return done(null, false, { message: 'Incorrect password.' });
      }
      else if (admin === null) {
        console.log('Admin not found');
        return done(null, false, { message: 'Incorrect username.' });
      }
      return done(null, admin);
    })
    .catch(function(err){return done(err)});
  }
));

app.use(session({secret: "DEMANDFOOD"}))
app.use(passport.initialize());
app.use(passport.session());

app.post('/login',
  passport.authenticate('local', { successRedirect: '/menus',
                                   failureRedirect: '/login',
                                   failureFlash: false })
);

app.get('/login', function(req, res){
  res.render('auth/login.jade', {
    //...
  })
});

If it is relevant, I have defined my own validPassword method on my Admin model:

validPassword: function(password, done) {
        bcrypt.compare(password, this.password, function(err, res) {
            console.log(password);
            console.log(this.password);
            return res;
        });
      }

Most helpful comment

Jesus wept.

On Wed, Sep 9, 2015, 11:34 Jared Hanson [email protected] wrote:

Closed #407 https://github.com/jaredhanson/passport/issues/407.

—
Reply to this email directly or view it on GitHub
https://github.com/jaredhanson/passport/issues/407#event-404963709.

All 9 comments

What debugging have you done to isolate this as a passport issue?

Not to sound snarky, but it's the logging in component that doesn't work...?

Also, my failureRedirect works, which implies that passport.authenticate is being called, but the unconditional console log from my strategy is not rendering.

EDIT: realized my initial question was rather vague. The rest of my web application is working. However, I can't seem to login, even with valid credentials (or even tell myself that my credentials are not valid)

Not to sound snarky, but this is a widely used project, and what you describe is its only purpose, and it is known to be working.

More than likely this is some issue in your application, and filing an issue here causes me to spend time on things that I don't have time to spend on. It helps maintainers of projects if you can do a bit of debugging prior to filing an issue, which saves both you and them (me, in this case) valuable time.

Is your bcrypt logs getting printed? Is the result what you expect? This sort of information goes a long way...

No, it is not.

I don't know how to debug, because my config is _exactly_ the same as it appears on your website (except in places where I have explicitly stated they differ, such as using Sequelize ORM and a custom validPassword method). The only way I can think to debug is to console log things, which is not occurring.

The entirety of my application is functioning except for the login process.

Also, if anything, my question potentially points to an inadequacy of documentation or otherwise exception handling within passportjs, so your sarcasm is not appreciated.

I'd bet your login request doesn't carry credentials correctly. I'm not being sarcastic. I don't believe its too much for me to ask you to help debug your issue.

Do you have the bodyParser middleware so the credentials are parsed?

Fair - pardon me; text is an ambiguous medium.

You were correct! My bodyParsing middleware was not implemented before my login handler. I was not aware of this because login is the only route I have in app.js; the rest of my routes (which also handle form input) are in seperate controllers.

Thank you for your time.

Jesus wept.

On Wed, Sep 9, 2015, 11:34 Jared Hanson [email protected] wrote:

Closed #407 https://github.com/jaredhanson/passport/issues/407.

—
Reply to this email directly or view it on GitHub
https://github.com/jaredhanson/passport/issues/407#event-404963709.

Was this page helpful?
0 / 5 - 0 ratings

Related issues

ksmithut picture ksmithut  Â·  6Comments

xingrz picture xingrz  Â·  5Comments

Gibbo3771 picture Gibbo3771  Â·  4Comments

wongeun picture wongeun  Â·  4Comments

prakhar897 picture prakhar897  Â·  6Comments