Skip to content

anonymous /server.js

Embed URL

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Use Passport.js to authenticate by access_token (the token generated and sent by client side)
// This is an example ment to demo how I managed to implement
// passport login by given access token for both Google and FB.
// I guess other oauth based logins will work as well.
// It is usefull for Apps using their own client side oauth
// for generating access token and then use the same token
// to login into a web service.
// Facebook has it's 'passport-facebook-token' package and
// twitter as well but google doesn't have it's 'passport-google-token'.
// That's why I needed this for my own project.
var express = require('express');
var passport = require('passport');
var FacebookStrategy = require('passport-facebook').Strategy;
var GoogleStrategy = require('passport-google-oauth').OAuth2Strategy;
var app = express();
app.use(passport.initialize());
passport.use(new GoogleStrategy({
clientID: config.passport.google.clientID,
clientSecret: config.passport.google.clientSecret,
callbackURL: "#" //not in use
},
function(accessToken, refreshToken, profile, done) {
User.findOrCreate({ googleId: profile.id }, function (err, user) {
return done(err, user);
});
}
));
passport.use(new FacebookStrategy({
clientID: config.passport.facebook.clientID,
clientSecret: config.passport.facebook.clientSecret,
callbackURL: "#" //not in use
},
function(accessToken, refreshToken, profile, done) {
User.findOrCreate(..., function(err, user) {
if (err) { return done(err); }
done(null, user);
});
}
));
//Most of the following function is copied from passport-oauth2/lib/strategy.js::authenticate()
var authenticate_by_token = function(req, options) {
options = options || {};
var self = this;
if (req.query && req.query.error) {
return this.fail();
}
if ((req.query && req.query.access_token) || (req.body && req.body.access_token)) {
var accessToken = req.query.access_token || req.body.access_token;
var refreshToken = req.query.refresh_token || req.body.refresh_token || '';
var params = {};
self._loadUserProfile(accessToken, function(err, profile) {
if (err) { return self.error(err); };
function verified(err, user, info) {
if (err) { return self.error(err); }
if (!user) { return self.fail(info); }
self.success(user, info);
}
if (self._passReqToCallback) {
var arity = self._verify.length;
if (arity == 6) {
self._verify(req, accessToken, refreshToken, params, profile, verified);
} else { // arity == 5
self._verify(req, accessToken, refreshToken, profile, verified);
}
} else {
var arity = self._verify.length;
if (arity == 5) {
self._verify(accessToken, refreshToken, params, profile, verified);
} else { // arity == 4
self._verify(accessToken, refreshToken, profile, verified);
}
}
});
}
}
//override authenticate function with the new version
FacebookStrategy.prototype.authenticate = authenticate_by_token;
GoogleStrategy.prototype.authenticate = authenticate_by_token;
//set routes
app.post('login/fbtoken', passport.authenticate('facebook'));
app.post('login/ggtoken', passport.authenticate('google'));
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.