Update content/recipes/passport.md

kamilmysliwiec · web-flow · commit c3266cdbee97 · 2024-10-18T08:41:06.000+02:00
diff --git a/content/recipes/passport.md b/content/recipes/passport.md
@@ -628,7 +628,7 @@ The `validate()` method deserves some discussion. For the jwt-strategy, Passport
 
 As a result of all this, our response to the `validate()` callback is trivial: we simply return an object containing the `userId` and `username` properties. Recall again that Passport will build a `user` object based on the return value of our `validate()` method, and attach it as a property on the `Request` object.
 
-Additionally, you can return an array, which first value will be used to build a `user` object and second value will be used to build a `authInfo` object.
+Additionally, you can return an array, where the first value is used to create a `user` object and the second value is used to create an `authInfo` object.
 
 It's also worth pointing out that this approach leaves us room ('hooks' as it were) to inject other business logic into the process. For example, we could do a database lookup in our `validate()` method to extract more information about the user, resulting in a more enriched `user` object being available in our `Request`. This is also the place we may decide to do further token validation, such as looking up the `userId` in a list of revoked tokens, enabling us to perform token revocation. The model we've implemented here in our sample code is a fast, "stateless JWT" model, where each API call is immediately authorized based on the presence of a valid JWT, and a small bit of information about the requester (its `userId` and `username`) is available in our Request pipeline.
 
