jaredhanson/passport

★ 23,534JavaScriptAudience · developerComplexity · 2/5StaleLicenseSetup · easy

Mindmap

mindmap
  root((Passport))
    What it does
      Verifies user identity
      Manages login sessions
      Pluggable strategies
    Strategies
      Username and password
      OAuth social login
      Enterprise SSO
      API tokens
    Use cases
      Multi-login web apps
      Social sign-in
      Enterprise auth
      Session management
    Tech stack
      Node.js
      Express
      JavaScript
    Integration
      Drop-in middleware
      No database lock-in
      Flexible routing

mindmap root((Passport)) What it does Verifies user identity Manages login sessions Pluggable strategies Strategies Username and password OAuth social login Enterprise SSO API tokens Use cases Multi-login web apps Social sign-in Enterprise auth Session management Tech stack Node.js Express JavaScript Integration Drop-in middleware No database lock-in Flexible routing

Things people build with this

USE CASE 1

Add email/password login to a Node.js web app without building authentication from scratch.

USE CASE 2

Let users sign in with Google, Facebook, or GitHub alongside traditional username/password.

USE CASE 3

Integrate enterprise single sign-on (SAML, OpenID Connect) into your application.

USE CASE 4

Maintain user sessions across multiple requests in an Express application.

Tech stack

JavaScriptNode.jsExpress

Getting it running

Difficulty · easy Time to first run · 5min

Use freely for any purpose, including commercial use, as long as you keep the copyright notice.

In plain English

Passport is an authentication library for Node.js, that is, a set of tools that handles the "who are you?" part of a web application. Authentication is the process of verifying a user's identity before allowing them into a protected area of your app, and building it from scratch every time is tedious and error-prone. Passport solves this by providing a consistent interface that works with Express, one of the most popular Node.js web frameworks. The key concept is a "strategy", a pluggable module that implements a specific way of authenticating users. Passport ships with support for the classic username-and-password approach, but there are over 480 community strategies covering login via Google, Facebook, GitHub, and other social platforms (using the OAuth standard), enterprise single sign-on systems (using protocols like SAML and OpenID Connect), and API token-based approaches. You pick the strategies your app needs, configure them, and Passport handles the rest, including maintaining login sessions across multiple requests. You would use Passport when building a Node.js web application that needs user accounts. It is especially useful when you want to support multiple ways to log in, for example, both a traditional email/password form and "Sign in with Google", without writing separate authentication logic for each one. Passport deliberately stays out of your way: it does not dictate how you store users in a database or how you structure your routes, so it fits into existing projects without requiring a major redesign. It is written in JavaScript and requires Node.js.

Copy-paste prompts

Prompt 1

Show me how to set up Passport with Express to handle username and password login.

Prompt 2

How do I add 'Sign in with Google' to my Node.js app using Passport?

Prompt 3

What's the simplest way to add session management to my Express app with Passport?

Prompt 4

I need to support both email/password and GitHub login, how do I configure multiple Passport strategies?

Prompt 5

How do I protect routes so only logged-in users can access them using Passport?

Open on GitHub → Explain another repo

Generated 2026-05-18 · Model: sonnet-4-6 · Verify against the repo before relying on details.