OAUTH AND PASSPORT FOR EXPRESS
/////////////////////////////////////////////////////////
/****
*
****/*
It is authorization, not authentication.
Authorization is used for what you can do.
You usually get tokens...
/****
*
****/*
// THE SETUP STRATERGY
// installing Github auth
npm install passport-github --save
|||||||||||||||||||||||||||||||||||||||||||||
npm install passport --save npm install express-session --save
We'll use persistent session store with mongoDB to keep the login persistent
// in app.js
var passport = require('passport'); var GitHubStrategy = require('passport-github').Strategy; var FacebookStrategy = require('passport-facebook').Strategy; var session = require('express-session'); var MongoStore = require('connect-mongo')(session);
function generateOrFindUser (accessToken, refreshToken, profile, done) { User.findOneAndUpdate({ email: profile.emails[0].value }, { name: profile.displayName || profile.username, email: profile.emails[0].value, photo: profile.photos[0].value }, { upsert: true }, done); } else { var noEmailError = new Error("Your email privacy settings prevent you from signing into bookworm!"); done(noEmailError, null); } }
// config the strategy passport.use(new GitHubStrategy({ // do not enter your actual ID and Key here! clientID: process.env.GITHUB_CLIENT_ID, clientSecret: process.env.GITHUB_CLIENT_SECRET, callbackURL: "http://localhost:3000/auth/github/return" }, generateOrFindUser));
passport.use(new FacebookStrategy({ // do not enter your actual ID and Key here! clientID: process.env.FACEBOOK_APP_ID, clientSecret: process.env.FACEBOOK_APP_SECRET, callbackURL: "http://localhost:3000/auth/facebook/return", profileFields: ['id', 'displayName', 'photos', 'email'] }), generateOrFindUser);
passport.serializeUser(function (user, done) { done(null, user._id); });
passport.deserializeUser(function(userId, done) { User.findById(userId, done); // done is a callback function });
...
var auth = require('./routes/auth');
...
// after db connection // Session config for Passport and MongoDB
var sessionOptions = { secret: "this is a super secret dadada", resave: true, saveUninitialized: true, store: new MongoStore({ mongooseConnection: db }) }
app.use(session(sessionOptions));
// Init Passport app.use(passport.initialize());
// Restore Session app.use(passport.session());
app.use('/auth', auth);
// in routes > auth.js
var express = require('express'); var router = express.Router(); var passport = require('passport');
// Get /auth/login/github
router.get('/login/github', passport.authenticate('github'));
// Get /auth/github/return
router.get('/github/return', passport.authenticate('github', {failedRedirect: '/'}), function(req, res) { //Succes Auth, redirect to page for now res.redirect('/profile'); });
// Get /auth/login/facebook
router.get('/login/facebook', passport.authenticate('facebook', { scope: ["email"]}));
// Get /auth/facebook/return
router.get('/facebook/return', passport.authenticate('facebook', {failedRedirect: '/'}), function(req, res) { //Succes Auth, redirect to page for now res.redirect('/profile'); });
// GET /auth/logout
router.get('/logout', function(req, res) { req.logout(); res.redirect('/'); })
module.exports = router;
// to use vars in command line...
GITHUB_CLIENT_ID=123432 GITHUB_CLIENT_SECRET=892u3rw9u ./bin/www