What is Passport.js?
Why Interviewers Ask This
This tests whether you can apply Node.js knowledge to real-world scenarios. Interviewers are looking for clarity of thought and evidence that you've encountered this in production code.
Answer
Passport.js is the most widely used authentication middleware for Node.js and Express. It has a modular, strategy-based architecture: you install a specific strategy package for each authentication method, such as passport-local (username/password), passport-jwt (JSON Web Tokens), passport-google-oauth20 (Google OAuth), passport-github, etc. There are 500+ strategies available. Passport normalizes the authentication process: regardless of strategy, on successful authentication the strategy's verify callback calls done(null, user), and Passport attaches that user to req.user. Integration with Express: app.use(passport.initialize()); (required) and app.use(passport.session()); (for session-based auth). Protect routes by using passport.authenticate("jwt", { session: false }) as middleware. For OAuth, Passport handles the redirect flow and token exchange. For session-based auth, passport.serializeUser() and passport.deserializeUser() control how the user is written to and restored from the session.
Pro Tip
This topic has Node.js-specific nuances that differ from general programming. Highlighting those nuances in your answer shows expertise rather than generic knowledge.