Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fastify-session integration #421

Merged
merged 18 commits into from
Jan 4, 2022
Merged

fastify-session integration #421

Show file tree
Hide file tree
Changes from 9 commits
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
d277340
chore: added support for fastify/session
sameer-coder Dec 18, 2021
02bbb11
Merge branch 'main' of https://github.com/sameer-coder/fastify-passpo…
sameer-coder Dec 20, 2021
9741894
chore: docs update, interface for session manager
sameer-coder Dec 20, 2021
75362ab
chore: fix test attempt
sameer-coder Dec 20, 2021
3928881
chore: added package-lock.json
sameer-coder Dec 20, 2021
48270a6
chore: reusable test suite added
sameer-coder Dec 22, 2021
dfd5558
Merge branch 'main' of https://github.com/sameer-coder/fastify-passpo…
sameer-coder Dec 22, 2021
8ab1cd7
chore: package-lock update
sameer-coder Dec 22, 2021
9d08f56
chore: improved logging
sameer-coder Dec 22, 2021
90f2699
chore: minor readme update
sameer-coder Dec 22, 2021
e085cf6
chore: improve tests
sameer-coder Dec 23, 2021
12320fc
Merge branch 'main' of https://github.com/sameer-coder/fastify-passpo…
sameer-coder Dec 23, 2021
408810e
chore: delete package lock
sameer-coder Dec 24, 2021
48a6171
chore: fixed conflicts
sameer-coder Dec 24, 2021
6b3f95a
chore: package-lock added again
sameer-coder Dec 31, 2021
4612749
Merge branch 'main' of https://github.com/sameer-coder/fastify-passpo…
sameer-coder Dec 31, 2021
453b5c1
chore: fix tests
sameer-coder Dec 31, 2021
10cc74a
chore: fix tests and package lock
sameer-coder Dec 31, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 26 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,32 @@ server.post(
server.listen(0)
```

Alternatively, `@fastify/session`(https://github.com/fastify/session) is also supported and works out of the box for session storage.
sameer-coder marked this conversation as resolved.
Show resolved Hide resolved
Here's an example:

```js
import { Authenticator } from 'fastify-passport'
import fastifyCookie from 'fastify-cookie'
import fastifySession from '@fastify/session'

const server = fastify()

// setup an Authenticator instance which uses @fastify/session
const fastifyPassport = new Authenticator()

server.register(fastifyCookie)
server.register(fastifySession, { secret: 'secret with minimum length of 32 characters' })

// initialize fastify-passport
server.register(fastifyPassport.initialize())

// register an example strategy for fastifyPassport to authenticate users using
fastifyPassport.use('test', new SomePassportStrategy()) // you'd probably use some passport strategy from npm here
```

## Difference between `fastify-secure-session` and `@fastify/session`
`fastify-secure-session` and `@fastify/session` are both session plugins for Fastify which are capable of encrypting/decrypting the session. The main difference is that `fastify-secure-session` uses the stateless approach and stores the whole session in an encrypted cookie whereas `@fastify/session` uses the stateful approach for sessions and stores them in a session store.

## Session Serialization

In a typical web application, the credentials used to authenticate a user will only be transmitted once when a user logs in, and after, they are considered logged in because of some data stored in their session. `fastify-passport` implements this pattern by storing sessions using `fastify-secure-cookie`, and serializing/deserializing user objects to and from the session referenced by the cookie. `fastify-passport` cannot store rich object classes in the session, only JSON objects, so you must register a serializer / deserializer pair if you want to say fetch a User object from your database, and store only a user ID in the session.
Expand Down
Loading