I have an express app which uses a username and password to auth. It's part of a MERN stack.
I'm building a separate application and want to use some auth token to authenticate with the server.
How do I mix between two strategies, for example, passport-http-bearer (or passport-jwt) and passport-local? Both will use the same API endpoints. But I want to use local for the frontend and Bearer for the other separate application.
From what I understood, I will have to add passport.authenticate('bearer') like this
app.use(passport.authenticate('bearer'))
// OR in specific routes
app.get('/', passport.authenticate('bearer'), (req, res) => {
res.json({ message: 'hello', user: req.user || 'No user' })
})
But this will result in Unauthorized in the first application. (Using a username or password)