how it works sessions in passport-local and express - session

I'm trying to implement sessions in my sailsjs app. To make login I'm using passport and passport-local, by default passport manage session with serialize and deserialize but how it works, in the documentation talks about use express sessions too. My question is why I maybe have to use both, and how each it works?
This is to learn when use them.
Thanks

Some examples for Sails/Passport/Passport-local integration:
https://gist.github.com/adityamukho/6260759
https://github.com/RelativeMedia/sails-PassportLocalMongoExample
https://github.com/cgmartin/sailsjs-angularjs-bootstrap-example
https://gist.github.com/adityamukho/6260759

Related

How to override Laravel 5.8 Attempt method?

I have been very much wondering how the attempt method works at background in Laravel, how it creates user session. My authentication process is much different, I am not using the database to authenticate at all, but instead I am using some data from third party API and then generate user sessions in my application.
During this implementation I do want to use the amazing laravel Auth features.
I know this is doable, may be there is a simple process for this, but I am not understanding the correct one.

How can i create multiple authendication in laravel api?

I have two different registers and logins. How can i create multiple authendication for that using laravel api.
It's a little bit tricky because Laravel Passport doesn't currently support multiple authentication yet. What I did with a previous project of mine is use this package for implementing multiple authentication for APIs using Laravel Passport. The package I've suggested is fairly simple to implement. Go check it out!

Use external API for login, without database

For a Laravel 5.8 project, I need to use an external API to connect my users.
I do not need a database but I would like to use Auth::user(), Auth::check() ...
Is it possible to use the session driver rather than the database driver for data persistence ?
I searched a lot but I did not find a convincing answer that respects the best practices, thank you in advance!
The default Laravel Auth guard does not support this behaviour, you will need to add an extra Auth guard for this, take a look at this tutorial which dives deep into writing custom guards.

Laravel default auth vs Token authentication

I start building a new app and wonder what will be the best way to implement auth - security wise.
What are the cons, pros, and differences between the Laravel make:auth and using jwt-auth.
Is Laravel's default auth will be enough?
This description is pragmatic approach so you can do something else if you want.
I think while developing an API you should use JWT based authentication mechanism.
The Json Web Token(JWT) tokens includes user information in itself. So it giving so much important benefit to manage session. First and most important of the benefits is you can be manage sessions without storing them at server. I would like to explaint it just to avoid misunderstanding, you can have store it at server but it's not necessary except a few scenario. These scenarios depend on how you could designed your authentication.
I able to do a lot of more explains about of it but in summary if you are developing an API I propose you would use JWT-Token.

Laravel Bundle OneAuth compatibility with Sentry

My team and I(the business/idea guy) are developing a new Startup using the Laravel framework. I'm not a tech guy but I want to learn as much as possible.
We began with installing and utilizing the Sentry Bundle, and then added the OneAuth bundle for the Facebook login; however, we continued to get errors.
Is OneAuth not compatible with Sentry?
Sentry is coming out with a socialplugin soon. Should we just wait for that or how should we go about this?
OneAuth author here, the problem right now is Sentry is not using Laravel Auth Driver to authenticate the user which make it difficult for the integration to happen. The two way to tackle the limitation:
Convert all Auth called in OneAuth to use Laravel\IoC, this would require Sentry to register IoC on their side.
Sentry to add an adapter class (extends Laravel\Auth\Drivers\Driver)
Either ways, there some works need to be done on Sentry side, I'm open for solution if they are looking to use OneAuth as their social plugin.

Resources