passport js local strategy response handling
exports.isLocalAuthenticated = function(req, res, next) { passport.authenticate('local', function(err, user, info) { if (err) { return next(err); } //error exception // user will be set to false, if not authenticated if (!user) { res.status(401).json(info); //info contains the error message } else { // if user authenticated maintain the session req.logIn(user, function() { // do whatever here on successful login }) } })(req, res, next); }