@jokecamp
Last active July 6, 2020 13:50
Demo for Passport.js authentication in a Node.js Express application
{
"name": "securehelloworld",
"version": "1.0.0",
"description": "",
"main": "server.js",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1"
},
"author": "",
"license": "ISC",
"dependencies": {
"express": "^4.13.3",
"express-session": "^1.11.3",
"passport": "^0.3.0",
"passport-github": "^1.0.0"
}
}
// Express web framework and the single application instance that every
// middleware and route in this file is registered on.
var express = require('express');
var app = express();
// Passport core plus the GitHub OAuth strategy used for the login flow.
var passport = require('passport');
var GithubStrategy = require('passport-github').Strategy;
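// Register the GitHub OAuth strategy with Passport.
//
// The OAuth application credentials are read from the environment so the
// client secret never has to be committed with the source. The variable
// names GITHUB_CLIENT_ID / GITHUB_CLIENT_SECRET are this demo's own choice;
// the literal placeholders remain as a fallback so the file still loads
// when they are unset (GitHub will reject the placeholders at login time).
passport.use(new GithubStrategy({
  clientID: process.env.GITHUB_CLIENT_ID || "YOUR CLIENT ID",
  clientSecret: process.env.GITHUB_CLIENT_SECRET || "YOUR CLIENT SECRET",
  // Must match the callback URL registered for the OAuth application and
  // the port passed to app.listen() below.
  callbackURL: "http://localhost:30000/auth/github/callback",
  // Ask the underlying OAuth2 strategy to generate a per-login `state`
  // value, keep it in the session and verify it on the callback, so a
  // callback request that this browser session did not start is rejected.
  // Requires the session middleware, which this file installs before the
  // auth routes.
  state: true
},
function (accessToken, refreshToken, profile, done) {
  // Verify callback: the place to translate the GitHub profile into the
  // application's own user object. The demo passes the profile through
  // unchanged. accessToken and refreshToken are deliberately not attached
  // to the user, so they never reach the session.
  return done(null, profile);
}
));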
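// Express and Passport session support.
var session = require('express-session');
app.use(session({
  // Key used to sign the session-id cookie. Read it from the environment
  // (SESSION_SECRET is this demo's own variable name) instead of shipping a
  // well-known string in the source. When it is unset, a random per-process
  // key is generated: existing cookies stop validating after a restart,
  // which matches the default in-memory session store losing its contents
  // on restart anyway.
  secret: process.env.SESSION_SECRET ||
    require('crypto').randomBytes(32).toString('hex'),
  // Set explicitly: do not rewrite unchanged sessions, and do not create a
  // session (or send a cookie) until something is actually stored in it.
  resave: false,
  saveUninitialized: false,
  cookie: {
    // Keep the session cookie out of reach of page scripts.
    httpOnly: true,
    // Not sent on cross-site sub-requests, but still sent on the top-level
    // redirect back from GitHub.
    sameSite: 'lax'
    // Add `secure: true` once the app is served over HTTPS; the demo
    // callback URL is plain http on localhost, so it is left off here.
  }
}));
// passport.initialize() must come before passport.session(), and both after
// the session middleware they rely on.
app.use(passport.initialize());
app.use(passport.session());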
// Decide what is written into the session for a logged-in user.
// The demo stores the object it was given as-is, which in this file is the
// whole GitHub profile handed over by the verify callback. A real
// application would normally store only a stable identifier here.
passport.serializeUser(function (profile, done) {
  var noError = null; // first callback argument is reserved for errors
  done(noError, profile);
});
// Rebuild the user object from what serializeUser stored in the session.
// The demo hands the stored value straight back. An application that
// stores only an id would look the user up here (for example in a
// database) and treat a missing record as "not logged in".
passport.deserializeUser(function (stored, done) {
  var noError = null; // first callback argument is reserved for errors
  done(noError, stored);
});
// Entry point of the login flow: visiting this URL sends the browser to
// GitHub to authenticate.
var startGithubLogin = passport.authenticate('github');
app.get('/auth/github', startGithubLogin);

// GitHub redirects the browser back to this URL. Passport completes the
// exchange; on failure the browser is sent to '/', on success the handler
// below runs with the user already logged in.
var finishGithubLogin = passport.authenticate('github', { failureRedirect: '/' });
app.get('/auth/github/callback', finishGithubLogin, function onGithubLogin(request, response) {
  // Fixed, local redirect target: nothing from the request decides where
  // the browser goes next.
  response.redirect('/');
});
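// Home page: login/logout links, plus a debug dump of the logged-in user.
app.get('/', function (req, res) {
  // Escape the characters that are significant in HTML. The profile dumped
  // below comes from GitHub and contains fields the account owner controls
  // (display name, bio, ...); JSON.stringify does not neutralise '<' or
  // '&', so without escaping those fields would be parsed as markup.
  function escapeHtml(text) {
    return String(text)
      .replace(/&/g, '&amp;')
      .replace(/</g, '&lt;')
      .replace(/>/g, '&gt;')
      .replace(/"/g, '&quot;')
      .replace(/'/g, '&#39;');
  }

  var html = "<ul>" +
    "<li><a href='/auth/github'>GitHub</a></li>" +
    "<li><a href='/logout'>logout</a></li>" +
    "</ul>";

  // Dump the user for debugging. Remove this in anything beyond a demo:
  // it prints the full profile object held in the session.
  if (req.isAuthenticated()) {
    html += "<p>authenticated as user:</p>";
    html += "<pre>" + escapeHtml(JSON.stringify(req.user, null, 4)) + "</pre>";
  }

  res.send(html);
});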
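// Log the user out and discard the server-side session.
//
// req.logout() only removes the login from the session; the session itself
// and its cookie would otherwise stay valid. Destroying the session and
// clearing the cookie makes logout complete.
//
// NOTE(review): this is a state-changing GET, so any page can trigger it
// for a visitor (forced logout). It is kept as GET because the home page
// links to it with a plain anchor; an application beyond a demo should
// use a POST protected by a CSRF token.
app.get('/logout', function (req, res, next) {
  console.log('logging out');
  req.logout();
  req.session.destroy(function (err) {
    if (err) { return next(err); }
    // 'connect.sid' is express-session's default cookie name; change it
    // here if the session middleware is configured with a custom `name`.
    res.clearCookie('connect.sid');
    res.redirect('/');
  });
});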
/**
 * Route middleware that gates a resource behind a login.
 *
 * Put it in front of any handler that must only run for authenticated
 * requests (typically ones carrying a persistent login session). An
 * authenticated request is passed on to the next handler; any other request
 * is redirected to the login page at '/' and the protected handler never
 * runs.
 *
 * @param {object} req - request; must expose isAuthenticated()
 * @param {object} res - response; used only for the redirect
 * @param {Function} next - continuation invoked for authenticated requests
 * @returns {*} whatever next() returns, or undefined after a redirect
 */
function ensureAuthenticated(req, res, next) {
  if (!req.isAuthenticated()) {
    // Deny by default: anything not positively authenticated is bounced.
    res.redirect('/');
    return;
  }
  return next();
}
// Example of a protected resource: ensureAuthenticated runs first, so the
// handler below is reached only by requests that are already logged in.
app.get('/protected', ensureAuthenticated, function showProtected(request, response) {
  var body = "acess granted";
  response.send(body);
});
// Start the HTTP server on port 30000 (the port used in callbackURL above).
// No host is passed, so Node listens on the unspecified address, i.e. on all
// interfaces and not only on localhost.
var server = app.listen(30000, function onListening() {
  var bound = server.address();
  console.log('Example app listening at http://%s:%s', bound.address, bound.port);
});
@pallavidhan

Could you solve the issue? I am getting the same error.

@bouwerp

bouwerp commented Jul 6, 2020

Line 42 should be:
passport.authenticate('github', { failureRedirect: '/auth/github' }),
(It keeps on redirecting back to '/' ad infinitum otherwise)
