Identifying Users for GitHub Apps at Heroku

HerokuPassportGithub2.js

const express = require('express')
const session = require('express-session')
const passport = require('passport')
const GitHubStrategy = require('passport-github2').Strategy

const clientId = process.env.GITHUB_APP_CLIENT_ID
const clientSecret = process.env.GITHUB_APP_CLIENT_SECRET
const domainName = process.env.DOMAIN_NAME

const app = express()

passport.use(new GitHubStrategy({
  clientID: clientId,
  clientSecret: clientSecret,
  state: true
}, (accessToken, refreshToken, profile, done) => {
  process.accessToken = accessToken
  process.nextTick(() => {
    return done(null, profile)
  })
}))

passport.serializeUser((user, done) => {
  done(null, user)
})

passport.deserializeUser((obj, done) => {
  done(null, obj)
})

app.use(session({
  name: 'AppSessionID',
  secret: 'IT\'S A SECRET TO EVERYBODY',
  resave: false,
  saveUninitialized: false,
  cookie: {
    httpOnly: true,
    secure: 'auto',
    proxy: true,
    domain: domainName,
    maxAge: 1000 * 60 * 30 // 30min
  }
}))
app.use(passport.initialize())
app.use(passport.session())

// needslogin => GitHub => applogin
app.get('/needslogin', passport.authenticate('github'))
app.get('/applogin', passport.authenticate('github', {
  failureRedirect: '/',
  successRedirect: '/'
}))