Saturday, 29 April 2017

No redirect on failed passport authentication

New to nodejs, liking it so far, trying to do some custom handling for passport authentication. The success redirect works fine, however upon an unsuccessful attempt i would like to not continue the post event.
What I'm trying to accomplish is fire an alert off that opens a dialog (this part is working like I want, via the socket call) to the current page if there is an issue with the login attempt. The browser just waits if I don't call res.send() for example, or attempts to redirect to a page that does not exist if I do.

routes.js

app.post('/login', function (req, res, next) {
    passport.authenticate('local-login', function (err, user, msg) {
        if (err) {
            io.emit('status alert', err);
        }
        if (!user) {
            io.emit('status alert', msg);
            //res.send();
        }
        req.logIn(user, function (err) {
            if (err) {
                io.emit('status alert', err);
            }
            if (user) {
                return res.redirect('/loginsplash');
            }
        });
    })(req, res, next);
});

passport.js

passport.use(
    'local-login',
    new LocalStrategy({
        usernameField : 'username',
        passwordField : 'password',
        passReqToCallback : true
    },
    function (req, username, password, done) {
        db.getConnection().query("SELECT * FROM users WHERE uname = ?", [username], function (err, rows) {
            if (err)
                return done(err);
            if (!rows.length) {
                return done(null, false,  'Invalid Username or Password.');
            }

            // if the user is found but the password is wrong
            if (!bcrypt.compareSync(password, rows[0].upw))
                return done(null, false, 'Invalid Username or Password.');

            // all is well, return successful user
            return done(null, rows[0]);
        });
    })
);



via Vamp4L

No comments:

Post a Comment