+ 1

What is Passport?

It is authentication middleware for Node.js. Extremely flexible and modular, It can be unobtrusively dropped in to any Express-based web application. A comprehensive set of strategies support authentication using a username and password, Facebook, Twitter, and more.
Passport is a tool in the User Management and Authentication category of a tech stack.
Passport is an open source tool with 17.6K GitHub stars and 1K GitHub forks. Here’s a link to Passport's open source repository on GitHub

Who uses Passport?

29 companies reportedly use Passport in their tech stacks, including hogangnono, Brainhub, and Decision6.

122 developers on StackShare have stated that they use Passport.
Pros of Passport
Be the first to leave a pro
Public Decisions about Passport

Here are some stack decisions, common use cases and reviews by companies and developers who chose Passport in their tech stack.


Overview: To put it simply, we plan to use the MERN stack to build our web application. MongoDB will be used as our primary database. We will use ExpressJS alongside Node.js to set up our API endpoints. Additionally, we plan to use React to build our SPA on the client side and use Redis on the server side as our primary caching solution. Initially, while working on the project, we plan to deploy our server and client both on Heroku . However, Heroku is very limited and we will need the benefits of an Infrastructure as a Service so we will use Amazon EC2 to later deploy our final version of the application.

Serverside: nodemon will allow us to automatically restart a running instance of our node app when files changes take place. We decided to use MongoDB because it is a non relational database which uses the Document Object Model. This allows a lot of flexibility as compared to a RDMS like SQL which requires a very structural model of data that does not change too much. Another strength of MongoDB is its ease in scalability. We will use Mongoose along side MongoDB to model our application data. Additionally, we will host our MongoDB cluster remotely on MongoDB Atlas. Bcrypt will be used to encrypt user passwords that will be stored in the DB. This is to avoid the risks of storing plain text passwords. Moreover, we will use Cloudinary to store images uploaded by the user. We will also use the Twilio SendGrid API to enable automated emails sent by our application. To protect private API endpoints, we will use JSON Web Token and Passport. Also, PayPal will be used as a payment gateway to accept payments from users.

Client Side: As mentioned earlier, we will use React to build our SPA. React uses a virtual DOM which is very efficient in rendering a page. Also React will allow us to reuse components. Furthermore, it is very popular and there is a large community that uses React so it can be helpful if we run into issues. We also plan to make a cross platform mobile application later and using React will allow us to reuse a lot of our code with React Native. Redux will be used to manage state. Redux works great with React and will help us manage a global state in the app and avoid the complications of each component having its own state. Additionally, we will use Bootstrap components and custom CSS to style our app.

Other: Git will be used for version control. During the later stages of our project, we will use Google Analytics to collect useful data regarding user interactions. Moreover, Slack will be our primary communication tool. Also, we will use Visual Studio Code as our primary code editor because it is very light weight and has a wide variety of extensions that will boost productivity. Postman will be used to interact with and debug our API endpoints.

See more

Passport's Features

  • Single sign-on with OpenID and OAuth
  • Easily handle success and failure

Passport Alternatives & Comparisons

What are some alternatives to Passport?
A set of unified APIs and tools that instantly enables Single Sign On and user management to all your applications.
Devise is a flexible authentication solution for Rails based on Warden
Amazon Cognito
You can create unique identities for your users through a number of public login providers (Amazon, Facebook, and Google) and also support unauthenticated guests. You can save app data locally on users’ devices allowing your applications to work even when the devices are offline.
It is an authorization framework that enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf.
Spring Security
It is a framework that focuses on providing both authentication and authorization to Java applications. The real power of Spring Security is found in how easily it can be extended to meet custom requirements.
See all alternatives

Passport's Followers
184 developers follow Passport to keep up with related blogs and decisions.
Daniel Stieber
Łukasz Wojtal
Erich Lauer
Giovanni Clavarino
Andrew Mason
Peyman Mohtashami
Shwetha Shetty
Aman Singh
Oran P