Passport
Serializing/Deserializing
passport.serializeUser(function(user, done) {
done(null, user.id);
// where is this user.id going? Are we supposed to access this anywhere?
});
// used to deserialize the user
passport.deserializeUser(function(id, done) {
User.findById(id, function(err, user) {
done(err, user);
});
});
- the
user.id
we pass as an arg to done
(inside serializeUser
) is saved in the session. We can later use it to retrieve the whole user object (deseralizeUser
)
serializeUser
determined which data in the User
object shoould be saved in the session
- the result of
serializeUser
is attached to the session as req.session.passport.user
- the
id
that is passed to deseralizeUser
is used to find the session object that has already been stored. The key it looks for is the same key provided to the done
funtion in serializeUser
- the fetched object is attached to the request object as
req.user