Back to Agent Skills
Security & Quality
Passport.js Strategies
Configure Passport.js authentication middleware with 500+ strategies for Express and Node.js applications.
Claude Code Cursor Copilot
Overview
Passport.js is the most widely used authentication middleware for Node.js, with over 500 authentication strategies available as separate packages. It follows a modular architecture where each authentication method (local, OAuth, SAML, etc.) is implemented as a strategy plugin, keeping the core library lightweight and flexible.
The library integrates seamlessly with Express.js and provides a consistent API for authenticating requests. Strategies handle the specifics of each authentication method while Passport manages session serialization, request augmentation, and authentication flow control. Popular strategies include passport-local for username/password, passport-google-oauth20 for Google, and passport-jwt for token-based auth.
Passport supports both session-based and stateless authentication. For session-based auth, it provides serialize/deserialize hooks that control how user data is stored in and retrieved from sessions. For API authentication, JWT and Bearer token strategies enable stateless request validation without server-side session storage.
The library integrates seamlessly with Express.js and provides a consistent API for authenticating requests. Strategies handle the specifics of each authentication method while Passport manages session serialization, request augmentation, and authentication flow control. Popular strategies include passport-local for username/password, passport-google-oauth20 for Google, and passport-jwt for token-based auth.
Passport supports both session-based and stateless authentication. For session-based auth, it provides serialize/deserialize hooks that control how user data is stored in and retrieved from sessions. For API authentication, JWT and Bearer token strategies enable stateless request validation without server-side session storage.
Who Is This For?
- Add local username/password auth to an Express app
- Implement Google OAuth2 login with Passport
- Set up JWT-based API authentication
- Combine multiple auth strategies in one application
Installation
Setup for Claude Code
npm install passport passport-local express-sessionConfiguration
// config/passport.ts
import passport from "passport"
import { Strategy as LocalStrategy } from "passport-local"
passport.use(new LocalStrategy(
async (username, password, done) => {
const user = await User.findOne({ username })
if (!user || !await user.verifyPassword(password)) {
return done(null, false, { message: "Invalid credentials" })
}
return done(null, user)
}
))Explore AI Tools
Discover the best AI tools that complement your skills
Read AI & Design Articles
Tips and trends in the world of design and AI
Related Skills
Security & Quality
Snyk Security Scan
Detect vulnerabilities in your dependencies and application code. Get actionable remediation advice and automatic fix pull requests.
Claude Code Codex Copilot
Security & Quality SonarQube Code Quality
Run continuous code quality and security analysis to catch bugs, code smells, and vulnerabilities before they reach production.
Claude Code Codex Copilot
Security & Quality OWASP ZAP Security Testing
Perform automated web application security testing to find common vulnerabilities like XSS, injection flaws, and misconfigurations.
Claude Code Codex