Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Communication betwen passport and auth script should be protected by token #20
Current passport authentication script don't validate if it trigger passport authentication or not Before redirecting to passport it should generate token and send it to passport. Passport should send it back with response to allow validate it.
Also passport sends user profile in JSON format. We should use JWT signed token for this.
We also can use