Local username and password authentication strategy for Passport.


Passport strategy for authenticating with a username and password.

This module lets you authenticate using a username and password in your Node.js applications. By plugging into Passport, local authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.

$ npm install passport-local

The local authentication strategy authenticates users using a username and password. The strategy requires a verify callback, which accepts these credentials and calls done providing a user.

passport.use(new LocalStrategy(
  function(username, password, done) {
    User.findOne({ username: username }, function (err, user) {
      if (err) { return done(err); }
      if (!user) { return done(null, false); }
      if (!user.verifyPassword(password)) { return done(null, false); }
      return done(null, user);

Use passport.authenticate(), specifying the 'local' strategy, to authenticate requests.

For example, as route middleware in an Express application:'/login', 
  passport.authenticate('local', { failureRedirect: '/login' }),
  function(req, res) {

For complete, working examples, refer to the multiple examples included.

$ npm install
$ npm test

The MIT License

Copyright (c) 2011-2014 Jared Hanson <>