Update strategy to work with no field #91
Conversation
It could be very useful to have the option to permit send request with no body. For example, we cam use an usual login strategy with username and password, OR a cookie based login if username and password fields are not given.
|
I was about to fork the repo to do exactly what you did. |
|
Multiple authentication strategies can be attempted as follows: passport.authenticate(['local', 'cookie-based-strategy'])If the first strategy fails, the second one will be attempted. Authentication succeeds if any one strategy succeeds, or fails if all strategies fail. There is no need for additional options in the strategies themselves. |
|
@jaredhanson I would want this feature for different reasons. I'd like that all errors are handled by my custom error handling middleware in express. Now passport-local responds to the error directly and doesn't continue the middleware-flow. Do you have any ideas how I could improve the error message? It's not very informative to respond simply 'Bad Request' to my API users. |
|
This is exactly why I would want this feature as well. |
|
+1 |
|
I guess the point here is the i would like to create my custom response. If the library handle the express response error, then i can't create my custom error. |
It could be very useful to have the option to permit send request with no body. For example, we can use an usual login strategy with username and password, OR a cookie-based login if username and password fields are not given. I tried myself and it was a success, we don't need to send a 400 status error because we can handle it further.