Suppose I have the code like this:

var api1 = require('api1');
var api2 = require('api2');
var app = express();
app.use('/api1', api1);
app.use('/api2', api2);

Here is the code for api1 module:

var router = express.Router();
var options = {
    jwtFromRequest:ExtractJwt.fromAuthHeader(),
    secretOrKey:config.JWTSecret,
    algorithms:['HS256']
}

passport.use(new JwtStrategy(options, function(jwt_payload, verify) {
    //here I look for the user in database No.1
}));
router.post('/files', passport.authenticate('jwt', { session: false}), function(req, res) {
   //...
}
module.exports = router;

And this is is the code for api2 module:

var router = express.Router();
var options = {
    jwtFromRequest:ExtractJwt.fromAuthHeader(),
    secretOrKey:config.JWTSecret,
    algorithms:['HS256']
}

passport.use(new JwtStrategy(options, function(jwt_payload, verify) {
    //here I look for the user in database No.2
}));
router.post('/files', passport.authenticate('jwt', { session: false}), function(req, res) {
   //...
}
module.exports = router;

This woun't work. In both cases, if I make POST to "/api1/files" and to "/api2/files" it will look for the user in database No2. If there is no solution for this problem, using passport.js api, what are the other posssible approaches for dealing with such kind of issue?

Suppose I have the code like this:

var api1 = require('api1');
var api2 = require('api2');
var app = express();
app.use('/api1', api1);
app.use('/api2', api2);

Here is the code for api1 module:

var router = express.Router();
var options = {
    jwtFromRequest:ExtractJwt.fromAuthHeader(),
    secretOrKey:config.JWTSecret,
    algorithms:['HS256']
}

passport.use(new JwtStrategy(options, function(jwt_payload, verify) {
    //here I look for the user in database No.1
}));
router.post('/files', passport.authenticate('jwt', { session: false}), function(req, res) {
   //...
}
module.exports = router;

And this is is the code for api2 module:

var router = express.Router();
var options = {
    jwtFromRequest:ExtractJwt.fromAuthHeader(),
    secretOrKey:config.JWTSecret,
    algorithms:['HS256']
}

passport.use(new JwtStrategy(options, function(jwt_payload, verify) {
    //here I look for the user in database No.2
}));
router.post('/files', passport.authenticate('jwt', { session: false}), function(req, res) {
   //...
}
module.exports = router;

This woun't work. In both cases, if I make POST to "/api1/files" and to "/api2/files" it will look for the user in database No2. If there is no solution for this problem, using passport.js api, what are the other posssible approaches for dealing with such kind of issue?

• javascript
• node.js
• passport.js

• i'm not actually clear on what you're asking. Are you saying that the two API's have different user sets, and pletely separate databases with the users in them? – Paul Commented Jun 16, 2016 at 12:12

1 Answer 1

The trick to this is using the named strategy syntax. Basically when you call passport.use() you can pass an optional first param that tells passport the name of the strategy, then use that name (rather than the default) with the authenticate call. So in your case you could do something like:

passport.use('jwt-1', new JwtStrategy(options, function(jwt_payload, verify) {
    //here I look for the user in database No.1
}));

router.post('/files', passport.authenticate('jwt-1', { session: false}), function(req, res) {
   //...
}

Your api2 would then name its strategy 'jwt-2' or whatever makes sense to you.