Correct use of passport-jwt & deserializeUser
dn-l opened this issue · 1 comments
dn-l commented
Hi, here's my code:
async function jwtStrategy (jwtPayload, done) {
const user = await User.findById(jwtPayload.sub)
.deepPopulate('one.two.three')
.exec()
.catch(errorHandler(done))
if (!user) {
return done(createHttpError(401))
}
done(null, user)
}
passport.use(new JwtStrategy(jwtStrategyOptions, jwtStrategy))
passport.deserializeUser(async (id, done) => {
const user = await User.findById(id)
.deepPopulate('one.two.three')
.exec()
.catch(errorHandler(done))
done(null, user)
})
It works great however i noticed that i make too make requests (populate). On every api request i get passport.deserializeUser
executed and jwtStrategy
straight after. What's the correct usage here?
dn-l commented
I ended up removing session support => deserialize became redundant