Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Is there an equivalent to passport-local on Grant ? #128

Open
AaronNGray opened this issue Jul 19, 2019 · 6 comments
Open

Is there an equivalent to passport-local on Grant ? #128

AaronNGray opened this issue Jul 19, 2019 · 6 comments

Comments

@AaronNGray
Copy link

It there an equivalent to passport-local https://github.com/jaredhanson/passport-local that allows Grant to have a local strategy for login ?

passport.use(new LocalStrategy(
  function(username, password, done) {
    User.findOne({ username: username }, function (err, user) {
      if (err) { return done(err); }
      if (!user) { return done(null, false); }
      if (!user.verifyPassword(password)) { return done(null, false); }
      return done(null, user);
    });
  }
));

I am ideally wanting to be able to provide both local login and OAuth2 based login. And want to use Grant as passport is way too cumbersome and badly coded. Grant seems a far far cleaner implementation.
@simov
Copy link
Owner

simov commented Jul 19, 2019

Thanks @AaronNGray!

Grant is only concerned with OAuth, and more specifically either OAuth1.0a or the OAuth2.0 authorization_code grant type.

You can use both Grant and some other middleware for user/pass authentication in your app.

@AaronNGray
Copy link
Author

AaronNGray commented Jul 19, 2019
edited

It might be nice to have a basic example with local authorization with fixed username and password just to show people how it can be done. Although its a separate route really. Another possibility might to use a local Auth2 server.

@AaronNGray
Copy link
Author

There used to be a very good site once when passport first came out that gave example logins to all the Auth2 servers as well as example UI access to all of the Facebook and Twitter API's.

@simov
Copy link
Owner

simov commented Jul 20, 2019

OAuth along with OpenID Connect are used for Federated Identity, meaning that the goal is to never let your users enter their passwords directly on your server, but instead delegate that to a third-party Identity Provider.

Grant helps you to easily configure and leverage such provider(s), whether that be a third-party one, or your own, hosted somewhere on your stack. Then you have to make the decision if and how are you going to support password authentication. There are services like Auth0 that supports that out of the box.

@EmmyMay
Copy link

EmmyMay commented Jun 22, 2020

Hi Simov. I understand this is an oauth library but are there better examples of it being used? The docs don't really make for a good example of how one would implement it because what I saw looks too simple to just be it. I'm coming from a passport background so it kinda looks too good to be true.

@simov
Copy link
Owner

simov commented Jun 22, 2020
edited

Hi @EmmyMay, there are a bunch of examples in the examples folder, and specifically to get the user profile as with Passport it is this one.

For all examples you can follow the readme in the main examples folder. Then based on the example folder name you can get the rest of the information from the main readme in the module.

Let me know if you have any questions.

Also this might help.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@AaronNGray @simov @EmmyMay