Example tools for using querystring redirects with Feathers OAuth login.

authentication.js

'use strict';

const authentication = require('feathers-authentication');
const jwt = require('feathers-authentication-jwt');
const local = require('feathers-authentication-local');
const oauth2 = require('feathers-authentication-oauth2');
const GithubStrategy = require('passport-github');
// Bring in the oauth-handler
const makeHandler = require('./oauth-handler');

module.exports = function () {
  const app = this;
  const config = app.get('authentication');
  
  // Create a handler by passing the `app` object.
  const handler = makeHandler(app);

  // Set up authentication with the secret
  app.configure(authentication(config));
  app.configure(jwt());
  app.configure(local());

  app.configure(oauth2(Object.assign({
    name: 'github',
    Strategy: GithubStrategy,
    // Provide the handler to the GitHub auth setup.
    // The successRedirect should point to the handle-oauth-login.html hosted on the web server.
    handler: handler(config.github.successRedirect)
  }, config.github)));

  app.service('authentication').hooks({
    before: {
      create: [
        authentication.hooks.authenticate(config.strategies)
      ],
      remove: [
        authentication.hooks.authenticate('jwt')
      ]
    }
  });
};

handle-oauth-login.html

<!DOCTYPE html>
<html lang="en">
  <head>
    <title>Handle OAuth Login</title>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
  </head>
  <body>
  <script>
    function getQueryVariable(variable) {
      var query = window.location.search.substring(1);
      var vars = query.split('&');
      for (var i = 0; i < vars.length; i++) {
        var pair = vars[i].split('=');
        if (decodeURIComponent(pair[0]) == variable) {
          return decodeURIComponent(pair[1]);
        }
      }
      console.log('Query variable %s not found', variable);
    }
    var token = getQueryVariable('token');
    if (token) {
      window.localStorage.setItem('feathers-jwt', token);
    }
    window.location = '/';
  </script>
  </body>
</html>

oauth-handler.js

module.exports = function (app) {
  return function (url) {
    const config = app.get('authentication');
    const options = {
      jwt: config.jwt,
      secret: config.secret
    };

    return function (req, res, next) {
      if (req.feathers && req.feathers.payload) {
        app.passport.createJWT(req.feathers.payload, options).then(token => {
          res.redirect(`${url}?token=${token}`);
        })
        .catch(error => {
          next(error);
        });
      }
    };
  };
};

Awesome, this should be more promoted on feathers docs.

not sure how to set "The successRedirect should point to the handle-oauth-login.html hosted on the web server."

say if my backend is localhost:3030, and frontend is localhost:8080

should I point that "handle-oauth-login.html" at front or back?

Thank you! It should be included into the doc, it's useful.

Thanks for this! @marshallswain

But what if you have multiple frontends (e.g a web app and a mobile app) and want them to share the same authentication logic?
Is there a way to figure out which frontend to re-direct to?

@iyk-azorji, I've not attempted this scenario, but there is a url variable in that redirect. You're probably going to be better off using the beta version of the authentication plugin, though. I'd invest time into that instead of trying to make this work. The new one is supposed to be much more flexible, but I haven't tried it yet.

Cool! Thanks all the same! I have resorted to setting up custom strategies for the different frontends that would be used. It works perfectly for now, but not the elegant solution I was hoping for..

Cheers!

What ?

I'm facing the same problem but with some difference:

And ?

I have a feathers js app and and others express-node js app.
Now i want to have a sso authentication system for all these system.

Architecture 👩‍💻 ?

Apps are like:

app1.domain.com
app2.domain.com
app3.domain.com
feathers.domain.com
I'm on a vps.

Need your help please !

Do you have some suggestion or recommandation for me please ?
Can i use the Oauth of feathers ?
Because there are a miss of feathers and node js app, is this(sso) possible ?

Thank very for time you spend to respond to this.