You can rewrite it without the anonymous function, or the custom callback. Just use passport's passport.use(new LocalStrategy())
function to create the new strategy. See 'Configure' docs.
passport.use(new LocalStrategy(
function(username, password, done) {
logIn({ username: username }, function (err, user) {
if (err) { return done(err); }
if (!user) {
return done(null, false, { message: 'Incorrect username.' });
}
if (!user.validPassword(password)) {
return done(null, false, { message: 'Incorrect password.' });
}
return done(null, user);
});
}
));
The only change you need to make is move the logIn
function to be in this file, and not a method to req
. Then you can simply call passport.authenticate
like so:
app.get('/login', passport.authenticate('local', { successRedirect: '/',
failureRedirect: '/login' }));
So instead of using res.redirect in the callback, you just use passport's built in successRedirect
and failureRedirect
properties. You can see their docs as well, on the authentication page.