Include the passport middlewares initialization in the module about passport HOT 9 CLOSED

I don't talk about "handling express-session" and so to "have additional modules" for each strategy

I talk about handling the core passport feature of "session"
This "core" is probably used by more than one strategy
And "session" should be easy to do, because so many people are just putting their JWTs in LocalStorage to reinvent the wheel

from passport.

at least we should document it.
the current document about @nestjs/passport miss quite a lot of important but very detailed features and considering only stateless backend using jwt

from passport.

@Nabellaleen any update on this?

from passport.

You can use MiddlewareConsumer for this: https://docs.nestjs.com/middleware#middleware-consumer

from passport.

Please read again my message.

The consumer variable in the "monkey-patch" I've done, is a usage of MiddlewareConsumer.

The problem is not there, the problem is : the @nestjs/passport should register correctly the passport middlewares.

And I can give a hand, but here, I'm out of my skills, because it's not as simple as adding this configure(consumer) method, because the options are not available in configure.

from passport.

While waiting for an update of the library, I've created my own module, but it's stay a hack, because it should be handled by the library.

import { DynamicModule, MiddlewareConsumer, RequestMethod } from '@nestjs/common'
import * as passport from 'passport'

const DEFAULT_ROUTES = [{ path: '*', method: RequestMethod.ALL }]

export class PassportSessionModule {
  static register(): DynamicModule {
    return {
      module: PassportSessionModule,
    }
  }
  configure(consumer: MiddlewareConsumer) {
    console.log('init')
    const middlewares = [
      passport.initialize(),
      passport.session(),
    ]
    consumer
      .apply(...middlewares)
      .forRoutes(...DEFAULT_ROUTES)
  }
}

from passport.

What if you are using a strategy that doesn't rely on sessions, like JWT? Should it be still bind a session middleware? Should Nest also bind express-session, as Passport doesn't play well with Fastify, or should it leave that up to the developer? There's too many options around Passport to delegate it to the base module, in my opinion.

from passport.

As nestjs provide a @nestjs/passport module to handle passport ... so yes, this module should allow all passport usages

The question is more "how" ; "how" could we handle this usages without over-engineering anything ?

It could by providing additional modules, it could be throught module parameters. But it has to be handled somewhere, at least in the documentation.

from passport.

I feel that having additional modules for each passport strategy is just gonna start over-engineering the main passport module, which is meant to basically be a wrapper around all passport strategies. If I'm being honest, I think this should just be an update to the docs as a warning and leaving it up to the developer.

from passport.