April 19, 2020

Today was spent doing far more research than coding. After working through more of the Advanced Node and Express module on freeCodeCamp, I pulled up the repository for Passportjs and studied the code for a bit. The workflow presented by freeCodeCamp to manage login sessions makes sense, but in my attempt to manage the dependencies I’m working with, I want to understand what’s happening behind the scenes. Up until now, I have found that I am capable of doing much of the work I’ve set out to do with vanilla JavaScript, and so have been spare in the dependencies I’ve incorporated into my projects. For my Discord bots, I’ve managed to limit my dependencies to discord.js. For my website, I’ve included the Mongodb server and mongodb package to host and operate my database and, more recently, express.js to simplify and better manage server operations.

So it was with great trepidation that I added express-session and passport to the mix, with the passport-oauth2 add-on to help me better manage authentication via the OAuth2 protocol. These are, however, a lot of moving parts to add all at once, and I’m realizing that these packages are going to take some time for me to parse through and understand. Initially, I had anticipated that it might take me about a week’s worth of work to get this authorization system up and running; when I started making quick progress up front, I amended that to accomplish this work over the weekend. However, now I’m realizing that a week is far more realistic.

Of major help was dropping into the Discord API server on Discord, where there was already a running conversation on OAuth2, and where I came across this excellent write up of OAuth2 on digitalocean. Tomorrow, as part of my coding work, I’ll be sitting down with pen and paper to draw out a diagram of how the authorization flow will work on my site, as I gain a better understanding of how the authorization flow works in general. In this process, I hope to better understand how I can utilize passport effectively, and better justify my use of it. I’m still set on using as few dependencies as possible, and I know that my dependencies will swell a bit once I begin integrating React.

Comments? Follow me on twitter and drop me a line in response to this tweet:

Day 007: lots of brain-imploding reading, learning, and practice around authorizing users. Made progress in the Advanced Node and Express module on @freeCodeCamp. Worked through some of the passportjs source code. Lots of work to do still.https://t.co/K5UEjS9OUm#nonsensemod365 pic.twitter.com/VlEEkPUYp2

— Joshua Alexander (@nonsensecodes) April 20, 2020