In passport.js, I notice when people use the authenticate method, they sometimes add (req, res, next?) after calling the method. What does this do exactly?
E.g. A little snippet from here: https://github.com/jaredhanson/passport/blob/master/lib/authenticator.js
passport.authenticate('basic', { session: false })(req, res);
Thank you
Passport is authentication middleware for Node.js i.e. it checks whether an API request being made is from an authenticated source. So every time an API request is made,the request (req) passes through the authentication strategy used by passport,and if succesfully authenticated,then passport binds the details of the user to the request(req).
So in your case, if authentication was successfull,then req shall contain more details about the user who is requesting for the API.You can now be sure that the API request (req) is from an authenticated source.
For a better understanding,you might want to have a look at the following:
https://github.com/jaredhanson/passport-http
https://github.com/passport/express-3.x-http-basic-example/blob/master/server.js