We know that passport is an authentication middleware for Node and it is used to

authenticate requests. Now lets see what is passport.serialize and passport.deserialize. Passport

attaches the profile information to req.user and this occurs as a result of the serializeUser() and

deserializeUser() functions. Passport.serialize and passport.deserialize are used to set id as a cookie in

the user's browser and to get the id from the cookie when it then used to get user info in a callback. The

done() function is an internal function of passport.js and the user id which you provide as the second

arguement of done() function is saved in the session and it is later used to get the whole object using

deserializeUser function. The serializeUser is the one which determines which data in the user object is

to be stored in the session. The first argument of deserializeUser corresponds to the key of user object

this key can be user id, name,email or anything. This key is given as second arguement in done()

function. deserializeUser checks if the key matches with the in memory array or database or any data

resource to get the whole user object.