I am developing a simple product catalogue in nodejs. Nothing spectacular, basically a standard express site with some forms for crud operations of the products. Now those forms should only be visible to the admin so just one single account.
I have used passportJS so far but the way it would be now is:
Thats not how this is supposed to work is it? ;) I just need a single admin user to access the forms. nothing else.
How can I add that user while still being secure? I was thinking to use authentication and login form setup with PassportJS and inject the user directly via the Mongoshell. I am just honestly to inexperienced to know if that is the totally wrong/insecure approach or not.
Any pointers would be highly appreciated since every single tutorial I have come across so far "only" shows how to create the whole register/login system.
Steven Ventimiglia
Creative Technologist & Sr. Front-End Developer
I would recommend doing what I do... search Google for something like, "npm passport express tutorial" or "express mongo user authentication tutorial". That will always result in some awesomesauce tutorial (most often, accompanied by a git repo.)
I'm not sure, but PassportJS doesn't seem necessary for this.
Maybe just use plain user authentication, starting the app off by checking for a user via Mongoose/Express, and if there is none, just having the initial user create an account with an email and password.