In my passport authentication strategy, I make a typical call to my user class to query the user and check hashes. If this is a success, I make another call to an employee API where I check a few things in the employee record before sending back a true or false on the strategy.While I have the employee info, I wanted to go ahead and do a user.employee = employee so that the employee info gets passed back with the user and stored in the session. That way I dont need to make any calls for it in the future.It of course works, but is manipulating the user object going to interfere with passport's serialize/de-serialize functions in anyway? Am I violating any sort of best-practice here?
Submitted March 02, 2018 at 09:54PM by 64bitHustler
No comments:
Post a Comment