users can be registered and logged in

api/controllers/AuthController.js

@@ -108,7 +108,7 @@ module.exports = {
       } else {
         // make sure the server always returns a response to the client
         // i.e passport-local bad username/email or password
-        res.status(403).json({
+        res.status(401).json({
           'error': err.toString()
         })
       }

api/controllers/UserController.js

@@ -12,7 +12,9 @@ module.exports = {
   create: async function (req, res, next) {
     const passportHelper = await sails.helpers.passport()
     passportHelper.protocols.local.register(req.body, function (err, user) {
-      if (err) return res.negotiate(err)
+      if (err) return res.status(500).json({
+        error: err.toString()
+      })
 
       res.json(user)
     })
@@ -21,7 +23,9 @@ module.exports = {
   update: async function (req, res, next) {
     const passportHelper = await sails.helpers.passport()
     passportHelper.protocols.local.update(req.body, function (err, user) {
-      if (err) return res.negotiate(err)
+      if (err) return res.status(500).json({
+        error: err.toString()
+      })
 
       res.json(user)
     })

api/helpers/passport.js

@@ -1,5 +1,6 @@
 // api/helpers/passport.js
 // from https://github.com/trailsjs/sails-auth/blob/master/api/services/passport.js
+
 const url = require('url')
 
 module.exports = {
@@ -17,8 +18,19 @@ module.exports = {
   }
 }
 
+const passport = require('passport')
+passport.serializeUser(function (user, next) {
+  next(null, user.id)
+})
+passport.deserializeUser(function (id, next) {
+  return User.findOne({id: id})
+    .then(function (user) {
+      next(null, user || null)
+      return user
+    }).catch(next)
+})
+
 function PassportHelper () {
-  const passport = require('passport')
   this.protocols = sails.config.protocols
 
   this.loadStrategies = function () {
@@ -110,7 +122,7 @@ function PassportHelper () {
     let user
 
     if (!req.user) {
-      if (!passport) {  // new user signing up, create a new user
+      if (!passport) { // new user signing up, create a new user
         user = await User.create(userAttrs).fetch()
         await Passport.create({
           ...q,

api/models/Passport.js

@@ -52,15 +52,17 @@ module.exports = {
   /**
   * callback run before creating a Passport
   */
-  beforeCreate: async function (passport) {
+  beforeCreate: async function (passport, next) {
-    return hashPassword(passport)
+    await hashPassword(passport)
+    return next()
   },
 
   /**
   * callback run before updating
   */
-  beforeUpdate: async function (passport) {
+  beforeUpdate: async function (passport, next) {
-    return hashPassword(passport)
+    await hashPassword(passport)
+    return next()
   },
 
   // methods

config/protocols.js

@@ -34,6 +34,8 @@ module.exports.protocols = {
           const res = await Passport.validatePassword(password, passport)
           if (!res) throw new Error('incorrect password')
           return next(null, user, passport)
+        } else {
+          throw new Error('that account does not have password login enabled')
         }
       } catch (e) {
         return next(e)
@@ -54,11 +56,12 @@ module.exports.protocols = {
             user: newUser.id,
             accessToken: token
           })
+          return next(null, newUser)
         } catch (e) {
+          console.log(newUser)
           await User.destroy(newUser.id)
           throw e
         }
-        return next(null, newUser)
       } catch (e) {
         return next(e)
       }

config/routes.js

@@ -31,6 +31,7 @@ module.exports.routes = {
   'GET /register': {
     view: 'pages/login'
   },
+  'GET /app': 'TargetController.show',
 
   /***************************************************************************
   *                                                                          *