Session

The Session Authenticator supports the storage of the user object on the session.

The user variable on the request is set on login() and removed on logout().
Its presence is used to determine whether a user is authenticated or not.

In addition, the Passport.js logIn and logout functions are supported.
If they are available on the request, they will be invoked.

Finally, req.session is supported. If req.session is available, its save() method will be called
to persist session state after login and after logout.

Configuration

There is no additional configuration required.