As the tile indicates, I am wondering as to whether
using a user authentication framework like passportJS is the most popular option for user authentication implementation (excluding using any third party services)
or whether using builtin Node.js functions is more standard.
CodePudding user response:
The value of passportJS is that is supports many dozens of authentication strategies with various add-ons so you can pick up pre-built code for multiple authentication strategies that all work within one overall authentication model. So, your app could code for passportJS and automatically support as many of the various strategies that passportJS supports as you want.
If you've seen websites that let you login with Google, Facebook, Twitter or your own custom username/password, then this is a lot easier to implement if you use an authentication framework like passportJS that already links all these login strategies into one model rather than you writing your own code to hook up to all those different services and probably writing your own internal API to hide the inner details of whatever login service is being used.
On the other hand, if you are only ever going to support one authentication model then there's far less reason to use passportJS as you can just implement that one model natively and you can probably pick up a nodejs module for that one model to save you some work.
For my own work, I chose to use passportJS even when I was only starting with username/password because I wanted the flexibility to easily support other login services without having to rearchitect anything later. I had to learn how to use passportJS, but I felt that was a small price to pay for the flexibility going forward to add other authentication models. You will obviously need to make your own choices in this regard, based on your own goals and your own thinking about what the future of your app might include.