Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Example tools for using querystring redirects with Feathers OAuth login.
'use strict';
const authentication = require('feathers-authentication');
const jwt = require('feathers-authentication-jwt');
const local = require('feathers-authentication-local');
const oauth2 = require('feathers-authentication-oauth2');
const GithubStrategy = require('passport-github');
// Bring in the oauth-handler
const makeHandler = require('./oauth-handler');
module.exports = function () {
const app = this;
const config = app.get('authentication');
// Create a handler by passing the `app` object.
const handler = makeHandler(app);
// Set up authentication with the secret
app.configure(authentication(config));
app.configure(jwt());
app.configure(local());
app.configure(oauth2(Object.assign({
name: 'github',
Strategy: GithubStrategy,
// Provide the handler to the GitHub auth setup.
// The successRedirect should point to the handle-oauth-login.html hosted on the web server.
handler: handler(config.github.successRedirect)
}, config.github)));
app.service('authentication').hooks({
before: {
create: [
authentication.hooks.authenticate(config.strategies)
],
remove: [
authentication.hooks.authenticate('jwt')
]
}
});
};
<!DOCTYPE html>
<html lang="en">
<head>
<title>Handle OAuth Login</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
</head>
<body>
<script>
function getQueryVariable(variable) {
var query = window.location.search.substring(1);
var vars = query.split('&');
for (var i = 0; i < vars.length; i++) {
var pair = vars[i].split('=');
if (decodeURIComponent(pair[0]) == variable) {
return decodeURIComponent(pair[1]);
}
}
console.log('Query variable %s not found', variable);
}
var token = getQueryVariable('token');
if (token) {
window.localStorage.setItem('feathers-jwt', token);
}
window.location = '/';
</script>
</body>
</html>
module.exports = function (app) {
return function (url) {
const config = app.get('authentication');
const options = {
jwt: config.jwt,
secret: config.secret
};
return function (req, res, next) {
if (req.feathers && req.feathers.payload) {
app.passport.createJWT(req.feathers.payload, options).then(token => {
res.redirect(`${url}?token=${token}`);
})
.catch(error => {
next(error);
});
}
};
};
};
@emeagenciadigital

This comment has been minimized.

Copy link

commented Dec 14, 2018

Awesome, this should be more promoted on feathers docs.

@7NT

This comment has been minimized.

Copy link

commented Feb 7, 2019

not sure how to set "The successRedirect should point to the handle-oauth-login.html hosted on the web server."

say if my backend is localhost:3030, and frontend is localhost:8080

should I point that "handle-oauth-login.html" at front or back?

@klemy

This comment has been minimized.

Copy link

commented May 30, 2019

Thank you! It should be included into the doc, it's useful.

@iyk-azorji

This comment has been minimized.

Copy link

commented Jun 24, 2019

Thanks for this! @marshallswain

But what if you have multiple frontends (e.g a web app and a mobile app) and want them to share the same authentication logic?
Is there a way to figure out which frontend to re-direct to?

@marshallswain

This comment has been minimized.

Copy link
Owner Author

commented Jun 24, 2019

@iyk-azorji, I've not attempted this scenario, but there is a url variable in that redirect. You're probably going to be better off using the beta version of the authentication plugin, though. I'd invest time into that instead of trying to make this work. The new one is supposed to be much more flexible, but I haven't tried it yet.

@iyk-azorji

This comment has been minimized.

Copy link

commented Jun 24, 2019

Cool! Thanks all the same! I have resorted to setting up custom strategies for the different frontends that would be used. It works perfectly for now, but not the elegant solution I was hoping for..

Cheers!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.