-
Notifications
You must be signed in to change notification settings - Fork 30
Auth
Package: "passport". I do not have any information about good alternatives.
Local strategy is fully implemented together with google and Facebook strategies.
Local strategy features Log In with (email/password), Sign Up, Password forgot/reset. It includes sending activation and reset password emails. Views rendering and validation done completely on the server. Some minor validation is missing (like entering empty credentials will reload login page).
Facebook/Google strategies are supported. App designed in such a way that it would be easy to add more auth providers. User entity in database has JSON field profile with optional fields for each strategy (profile.local, profile.google, etc).
When the same user use different authentication profiles App should allow to link those into one account. In Contoso Express used simplified mechanism which links accounts together by email address.
So if a user first creates a local account with email address [email protected] and then log in with google account for the same email those profiles would be automatically treated as one account.