Basic auth verify function
kristof opened this issue · 2 comments
kristof commented
Shouldn't the basic auth verify function look something like this instead of the current implementation?
passport.use(new BasicStrategy(
function(username, password, done) {
User.findOne({ username: username }, function(err, user) {
if (err) {
return done(err);
}
if (!user || !user.checkPassword(password)) {
return done(null, false);
}
return done(null, user);
});
}
));
Current implemenation:
passport.use(new BasicStrategy(
function(username, password, done) {
Client.findOne({ clientId: username }, function(err, client) {
if (err) {
return done(err);
}
if (!client) {
return done(null, false);
}
if (client.clientSecret !== password) {
return done(null, false);
}
return done(null, client);
});
}
));
kristof commented
Never mind, Client credentials uses basic auth aswel :)
boldkhuu commented
@kristof @ealeksandrov Is basic auth verify function needless? It seems doesn't run. When I put console.log in it, it doesn't log anything.