search

saintedlama / passport-local-mongoose

Passport-Local Mongoose is a Mongoose plugin that simplifies building username and password login with Passport
MIT License
1.18k stars 294 forks source link

Unauthorized plain text #359

Closed mirairoad closed 2 years ago

mirairoad commented 2 years ago

Hi There, my auth system works great but I am getting crazy to change the Unauthorized plain text when I insert the wrong pass or the account is temporary deactivated. I would like to change Unauthorized plain text into a json object, plus dump the passwordErr inside. Thanks

my model page : `userSchema.plugin(passportLocalMongoose,{ limitAttempts:true, maxAttempts:5, unlockInterval:100000 });

// PASSPORT ANY STRATEGIES" passport.use(User.createStrategy());

passport.serializeUser(function (user, done) {

done(null, user.id);

});

`

my controller is attached below: `const loginController = async function (req, res, next) { const user = new User({ username: req.body.username, password: req.body.password, });

try {
req.login(user, async function (err) { const queryResult = await User.findByUsername(user.username) if (err || !queryResult) { res.status(404).json({ message: "faild", message_error: "email not found"}); next(err); } else { console.log(passport.authenticate("local")) passport.authenticate("local")(req, res, async function () {

      let profile = await Profile.find({ owner: req.user._id });
      profile = profile[0];

      if (profile) {
        res.status(200).json({
          message: "Authenticated successfully & profile found",
          user: req.user,
          profile,
        });

      } else {
        res
          .status(200)
          .json({ message: "Authenticated successfully", user: req.user });
      }

    })

}});

} catch (err) { res.status(500).json({ message: "failed", message_error: err }); } };`

saintedlama commented 2 years ago

Really hard to read as the code is quite free form formatted. What puzzles me here is the req.login and why the code uses an else to fetch the user

mirairoad commented 2 years ago

thanks for replying. Sorry for that, was my bad, I was trying to receive a different message >.<

basically, this function below keep giving me a standard 401 unauthorize in plain/text, passport.authenticate("local") I want to be able to show to my Vue client max attempts login from passport-local-mongoose, but because I keep having 401 in both cases I am not sure if I am missing some setup to show that error message.

mirairoad commented 2 years ago

I am an idiot, I fixed it thank you so much!

santgr11 commented 2 years ago

I am an idiot, I fixed it thank you so much!

Hi, how did you fix it? I'm having the same issue