Many of Passport's strategies are based on HTTP sessions. At the moment, our application is just using simple cookies to store user IDs. To use Passport for third-party authentication, we'll need to add session support into our application. Express provides session support in the express-session
module. First, we add this to our application:
> npm install express-session --save
We also need somewhere to store session data. Express supports a variety of session stores via additional modules. Redis is well suited to this task and we already have a Redis instance available. We can use the connect-redis
module to store sessions in Redis:
> npm install connect-redis --save
We can now create a new configuration module to keep all our session logic in one place. Since this will return middleware, we'll put it in the middleware
folder here src/middleware/sessions.js
:
'use strict'; const session = require('express-session'); let config = { secret: process.env.SESSION_SECRET...