Comments (17)
@rkusa right, this is doable, but I just realised that it beats my purpose to get rid of the passport < 0.6.0 vulnerability (which is the reason I wan to update koa-passport :-) )
from koa-passport.
koa-session v6.4.0 was just released, with my PR linked above merged (koajs/session#221). This solves the issue without any workarounds needed.
from koa-passport.
@younes-io @haydarai Sole purpose of koa-passport
5.x
was to upgrade passport
to v6. So if you have to use an older version of passport
, you can use koa-passport
4.x
for now.
from koa-passport.
Is there any ETA for this? I'm considering my options for what the best way would be to solve this problem within the next few weeks (waiting for a fix or refactoring)
from koa-passport.
@rkusa I suppose the 2nd option is better; merging something like that in koa-passport would just be an ugly fix, so anyone interested (including myself) should take the responsibility of adding it to the codebase.
from koa-passport.
Nice! What about koa-generic-session?
from koa-passport.
@rkusa : can you please downgrade ? This is really blocking me and I'm rethinking to switch to express if this is going to take a long time :/
from koa-passport.
@rkusa koa-passport 5 uses passport v6 whereas koa-passport 4 uses passport v4. Since passport v5 seems to be the way to go for now, how does one handle that?
from koa-passport.
@nemphys Fair point. Passport v5 looks to me like it just stops extending http.IncomingMessage.prototype
, which koa-passport
already did from the begining (and all other minor releases are about fixes/compatibility for that change). However, I might be wrong. In this case, you could depend on koa-passport@4
and pin passport
to v5
- the combination should work fine I think.
from koa-passport.
@rkusa passport
is defined as a dependency of koa-passport
, not a peer dependency. So when using koa-passport@4
, [email protected]
will be used, not v0.5
. Also, please note that all passport
versions starts with 0.
, this is currently wrong in the README
which speaks of v5
and v6
, etc. See https://github.com/jaredhanson/passport/tags
from koa-passport.
I've added a fix to koa-session
with which I am able to use koa-passport
correctly, see: koajs/session#221
from koa-passport.
I am contemplating whether I should merge #187 (add a workaround to koa-passport
) or point everyone to a custom middleware as a workaround (see #187 (comment)). Any opinions?
from koa-passport.
Perhaps the MR can serve as a scaffolding for the same change there? I don't use koa-generic-session, so won't have the time to look into it.
from koa-passport.
"koa-passport": "^6.0.0",
"koa-router": "^12.0.0",
"koa-session": "^6.4.0",
We get error: 2023-02-07T12:19:47.935Z error: uncaughtException: Cannot read properties of null (reading 'regenerate')
TypeError: Cannot read properties of null (reading 'regenerate')
at C:\d\node_modules\passport\lib\sessionmanager.js:83:17
at C:\d\node_modules\koa-session\lib\session.js:156:26
at processTicksAndRejections (node:internal/process/task_queues:95:5)
Please help, how to fix that?
from koa-passport.
@ilonaand the failing line of code is here:
req.session.regenerate(...)
So it looks like you don't have a session. Are you sure you're actually using the koa-session
plugin?
from koa-passport.
Thanks, but we using koa-session
import session from 'koa-session';
import passport from 'koa-passport';
passport.serializeUser((user: unknown, done) => {
log.info('serializeUser', user);
done(null, (user as IUser).id);
});
passport.deserializeUser((id: string, done) => {
try {
log.info('deserializeUser', id);
const user = userService.findOne(id);
done(null, user);
} catch (err) {
done(err);
}
});
.use(session(Config, app))
.use(passport.initialize())
.use(passport.session())
The user logs in without errors, the session is created, and the error occurs immediately after logging out
from koa-passport.
Very strange. We have a setup very similar to do this, and it all works for us. The error message does hint at req.session
missing, so the problem lies somewhere there.
from koa-passport.
Related Issues (20)
- koa-passport doesn't work with local-strategy? HOT 1
- Delegate Koa's ctx.protocol in request HOT 1
- external session storage does not work HOT 2
- The callback in ctx.login() is not being executed, "Error: Failed to serialize user into session" HOT 9
- Strange behavior for passport.authenticate() function HOT 8
- passport.authenticate("jwt", {session: false}) will not executed. Does koa-passport support JWT strategies? HOT 1
- passport serialize user: next is not a function HOT 2
- mocking request loses original koa app instance, breaking resolving of req.subdomains, because req.app.subdomainOffset is undefined HOT 4
- Documentation | authenticate() HOT 2
- Use koa-passport without koa-session HOT 1
- Not work well with @koa/router in Typescript HOT 2
- koa-passport@next is broken! HOT 1
- Passing multiple strategies to passport.authenticate() HOT 1
- export `AuthenticateOptions` HOT 1
- Should `ctx.state.user` contains `password`? HOT 1
- Update passport to latest version HOT 2
- Mix of express/koa with passport in both breaks HOT 3
- Passport authentification - LocalStrategy async/await issue
- userProperty option doesn't work
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from koa-passport.