Using multiple passports

[angel1st]

Hi there,
Suppose I need two different passports within one express application (e.g. user & room).
So I define two separate vars:

var passport    = require('passport');
var roomPassport = require('passport');

then, I initialize them with separate passport strategies:

require('./config/passport')(passport); // pass passport for configuration
require('./config/passport')(roomPassport); // pass passport for configuration

the last step is to set them as Express middleware:

// required for passport
application.use(session({ secret: 'ilovepassport;-)' })); // session secret
application.use(passport.initialize());
application.use(passport.session()); // persistent login sessions
application.use(roomPassport.initialize({ userProperty: "room" }));
application.use(roomPassport.session()); // persistent login sessions
application.use(flash()); // use connect-flash for flash messages stored in session`

however, if I did it like this, in fact roomPassport overrides passport and instead of having two objects - req.user and req.room, I have got just one req.room but initialized with user data.

It is important to mention that each passports (user or room) could authenticate independently from each other, i.e. there is a scenario where both objects req.user and req.room have to exist.

How to resolve this?

[angel1st]

Some update - two different instances of the passport have been created using:

var Passport = require('passport').Passport,
    passport = new Passport(),
    roomPassport = new Passport();

However, the next problem is that req holds single instance of passport - the last one attached to the middleware via application.use(roomPassport.initialize({ userProperty: "room" }));
It causes wrong invocation of serializeUser / deserializeUser

So how this could be fixed?

[jeffwilcox]

Hi,
You want to configure the alternate username property for your 2nd instance.

For your 2nd passport instance roomPassport, if you want to be able to work with req.roomUser, use this init code:

app.use(passport.initialize({ userProperty: 'roomUser' }));

[sebbsan]

for me, I want to use passport to authenticate clients and users. A user could log in using, say, Local strategy, using a client that would authenticate through Bearer strategy.
The desired result is that the authenticated client is passed through req.client and the authenticated user through req.user key subsequently.
I haven't quite found a way to achieve this with Passport, but maybe I haven't looked deep enough?

I guess using the authInfo key I could pass in client information, but this seems more like a workaround for me.

[cstavaru]

Hello everyone,

If you would like the multiple passports to be used on different routes (and do not need both 'user' and 'room' to ever be simultaneously present in the same request handler), you can solve this issue by using multiple express.Router() objects, something like this:

var roomRouter = express.Router();
var userRouter = express.Router();

var roomPassport = new Passport();
var userPassport = new Passport();

roomRouter.use(roomPassport.initialize({ userProperty: 'room'});
userRouter.use(userPassport.initialize());

roomRouter.get('/rooms/...', roomPassport.authenticate(), roomRequestHandler);
userRouter.get('/user/rooms/...', userPassport.authenticate(), userRequestHandler);

// and finally
app.use(roomRouter);
app.use(userRouter);

[rolandeke]

@cstavaru how do I authenticate each instance differently