This is my folder structure:
/app
server.js
/public
index.html
script-a.js
/scripts
script-b.js
These are the relevant contents of my index.html:
<!-- index.html -->
.....
...
<script scr="/script-a.js"></script>
<script scr="/script-b.js"></script>
These are the relevant contents of server.js:
import express from 'express'
import session from 'express-session'
import NedbStore from 'nedb'
import passport from 'passport'
import { Strategy as FacebookStrategy } from 'passport-facebook'
import { ensureLoggedIn } from 'connect-ensure-login'
....
..
const db = new NedbStore({ filename: `${__dirname}/db/nedb.db`, autoload: true })
const DB = dbAsyncWrapper(db)
app.use(cors({
origin: '*',
credentials: true,
optionSuccessStatus: 200
}))
app.use(function(req, res, next) {
res.header('Access-Control-Allow-Origin', 'http://localhost:4200')
res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization')
res.header('Access-Control-Allow-Methods', 'POST, GET')
next()
})
app.use(cookieParser())
app.use(express.json({ limit: '50mb' }))
app.use(express.urlencoded({ extended: true, limit: '50mb' }))
app.use(session({
secret: 'googoogaga',
resave: false,
saveUninitialized: false
}))
app.use(passport.initialize())
app.use(passport.session())
passport.use(new FacebookStrategy({
clientID : FACEBOOK_APP_ID,
clientSecret : FACEBOOK_APP_SECRET,
callbackURL : "http://localhost:4200/facebook/callback",
profileFields : ['id']
}, async(accessToken, refreshToken, profile, done) => {
let facebookId = profile.id
let userInDb = await DB.getUser()
if (userInDb && userInDb.facebookId === facebookId) {
await DB.updateUser({ accessToken })
done(null, userInDb)
} else {
let newUser = await DB.updateUser({ facebookId, accessToken })
done(null, newUser)
}
}))
passport.serializeUser(function(user, done) {
done(null, user)
})
passport.deserializeUser(function(user, done) {
done(null, user)
})
app.use('/', ensureLoggedIn('/auth/facebook'), express.static(__dirname + '/public'))
app.get('/auth/facebook', passport.authenticate('facebook', { scope:'email' }))
app.get('/facebook/callback', passport.authenticate('facebook', {
successRedirect : '/',
failureRedirect : '/auth/facebook'
}))
With the above code, I'm expecting to:
go to /
be redirected to facebook for login
go back to /
have index.html served and loaded
have script-a.js and script-b.js load correctly
What happens instead is:
I go to / and I'm redirected to /auth/facebook with a 302 status code.
If I remove:
app.use('/', ensureLoggedIn('/auth/facebook'), express.static(__dirname + '/public'))
and instead declare every single route handler manually, everything works:
....
..
app.get('/', ensureLoggedIn('/auth/facebook'), (req,res) => {
res.sendFile(__dirname + '/public/index.html')
})
app.get('/script-a.js', ensureLoggedIn('/auth/facebook'), (req,res) => {
res.sendFile(__dirname + '/public/script-a.js')
})
app.get('/script-b.js', ensureLoggedIn('/auth/facebook'), (req,res) => {
res.sendFile(__dirname + '/public/scripts/script-b.js')
})
If your auth is implemented by this:
app.use('/public', ensureLoggedIn('/auth/facebook'));
Then, you either run that before your express.static() route like this:
app.use(ensureLoggedIn('/auth/facebook'));
app.use(express.static(__dirname + '/public'));
Or, you incorporate it specifically into the static route:
app.use(ensureLoggedIn('/auth/facebook'), express.static(__dirname + '/public'));
When I also include the first 2 lines, not even the index.html gets served. I only get a failed facebook redirect registered on the network panel.
Then, your auth middleware is either correctly denying access to an unauthorized client or your auth middleware is not working properly. There's nothing in your question that indicates which that might be or could allow us to diagnose that for you.
But all other static files fail to be served.
For us to help you with that, we'd have to see the specifics of a static file that is not serving correctly (URL in the web page, location of the resource in your file system, etc...). There are 4-5 common mistakes people make to get static files to work properly. The most common is just using the wrong URL in the web page for static resources such as images, CSS files, script files, etc...
Unfortunately, the only solution I found was to turn my /public folder into a flat structure and do:
app.get('/', ensureLoggedIn('/auth/facebook'), (req,res) => {
res.sendFile(__dirname + '/public/index.html')
})
app.get('/:filename', ensureLoggedIn('/auth/facebook'), (req,res) => {
res.sendFile(__dirname + `/public/${req.params.filename}`)
})
Related
In the code below, when I visit / the first time (not logged onto FB) I'm redirected to the /login page, as expected.
Then I login onto facebook and I'm then taken to /, as expected
If I then refresh the page (while on /) I'm taken back the /login page, as if the session is already over.
It looks like for every new page view of / I'm always asked to login every time.
What am I doing wrong ?
(for testing purposes I'm not yet using a real database and have just set up this preliminary user.js one for the sake of the session..)
user.js
import fs from 'fs'
if (!fs.existsSync('./user.json')) {
fs.writeFileSync('./user.json', JSON.stringify(null))
}
export default {
query(facebookId) {
let user = JSON.parse(fs.readFileSync('./user.json', 'utf8'));
if (user && user.facebookId === facebookId) {
return user
}
return null
},
save(user) {
fs.writeFileSync('./user.json', JSON.stringify(user, null, 2))
return user
},
delete() {
fs.writeFileSync('./user.json', JSON.stringify(null, null, 2))
return true
}
}
server.js
import { Strategy as FacebookStrategy } from 'passport-facebook'
import express from 'express'
import passport from 'passport'
import session from 'express-session'
import fetch from 'node-fetch'
import { fileURLToPath } from 'url'
import { dirname } from 'path'
import cors from 'cors'
import cookieParser from 'cookie-parser'
import { ensureLoggedIn } from 'connect-ensure-login'
import FB from './fb'
import USER from './user'
import bodyParser from 'body-parser'
const jsonParser = bodyParser.json()
const {
PORT,
INSTAGRAM_USER_ID,
FACEBOOK_APP_ID,
FACEBOOK_APP_SECRET,
FACEBOOK_PAGE_NAME
} = process.env
const __filename = fileURLToPath(import.meta.url)
const __dirname = dirname(__filename)
const app = express()
app.use(cors({
origin: '*',
credentials: true,
optionSuccessStatus: 200
}))
app.use(function(req, res, next) {
res.header('Access-Control-Allow-Origin', `http://localhost:${PORT}`)
res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization')
res.header('Access-Control-Allow-Methods', 'POST, GET')
next()
})
app.use(cookieParser())
app.use(bodyParser.json({limit: "50mb"}));
app.use(bodyParser.urlencoded({limit: "50mb", extended: true, parameterLimit:50000}))
app.use(session({ secret: 'googoogaga', resave: false, saveUninitialized: false }))
app.use(passport.initialize())
app.use(passport.session())
passport.use(new facebookStrategy({
clientID : FACEBOOK_APP_ID,
clientSecret : FACEBOOK_APP_SECRET,
callbackURL : `http://localhost:${PORT}/facebook/callback`,
profileFields: ['id', 'displayName']
}, function(accessToken, refreshToken, profile, done) {
let user = USER.query(profile.id)
if (user) {
return done(null, user)
} else {
user = USER.save({
facebookId: profile.id,
accessToken
})
return done(null, user);
}
}));
passport.serializeUser(function(user, done) {
done(null, user);
});
passport.deserializeUser(function(user, done) {
done(null, user);
});
app.get('/auth/facebook', passport.authenticate('facebook', { scope:'email,instagram_basic,pages_show_list' }));
app.get('/facebook/callback', passport.authenticate('facebook', {
successRedirect : '/',
failureRedirect : '/login'
}));
app.get('/login', (req,res) => {
res.sendFile(__dirname + '/public/login.html');
})
app.get('/', ensureLoggedIn('/login'), (req,res) => {
res.status(200).send({ user: req.user })
})
app.get('/logout', function(req, res){
req.session.destroy(()=>{
USER.delete()
res.redirect('/login')
})
})
app.listen(PORT)
It was because of nodemon.
Every time the user logs in I update some files and I forgot to tell nodemon to ignore those changes so the server restarts every time due to those file changes.
Whenever the server restarts the session is also reset.
Be careful with nodemon, make sure you place any files your server will be changing inside a folder and tell nodemon to ignore it.
On the other hand, a server might restart for other reasons as well. Why should the session be reset every time ? Isn't there a way around it ?.
Ideally, there is a generic sign in button on the homepage, which redirects to several sign in buttons, one of which is for Facebook. The user clicks that button and, if authenticated, is redirected to /my-reptiles/.
However, what actually happens is that when the user clicks "Log in with Facebook", they are not prompted with a confirmation from Facebook and are immediately redirected back to the homepage from the ensureAuthenticated() method in my-reptiles.js. When running in private browsing, I am asked to log in to Facebook before being redirected, but I am not asked to approve use of Facebook as a login method. Is this normal?
Also a local mongodb entry for the user is still created even though isAuthenticated() fails.
On the Facebook developer console I have app domains set to localhost and site URL set to http://localhost:3000/.
This is the console output:
GET /auth/facebook 302 4.309 ms - 0
GET /auth/facebook/callback?code=LONG_CODE_HERE 302 215.462 ms - 68
Unauthenticated request!
GET /my-reptiles 302 0.879 ms - 46
GET / 304 14.854 ms - -
This is the network log:
my-reptiles.js
function ensureAuthenticated(req, res, next) {
if (req.isAuthenticated()) {
return next();
} else {
console.log("Unauthenticated request!");
res.redirect('/');
}
}
router.get('/', ensureAuthenticated, function(req, res, next) {
//Do stuff
});
module.exports = router;
app.js
//Requires here
function findOrCreate(key, cb) {
db.collection('users').findOne(key, (err, user) => {
if (err) {
console.error(err);
} else {
if (!user) {
db.collection("users").insert(key, cb)
} else {
cb(err, user);
}
db.close();
}
});
}
// config
passport.use(new FacebookStrategy(
{
clientID: config.facebook.clientID,
clientSecret: config.facebook.clientSecret,
callbackURL: config.facebook.callbackURL
},
function(accessToken, refreshToken, profile, done) {
findOrCreate({
auth: "facebook",
id: profile.id
}, function (err, user) {
return done(err, user);
});
}
));
var app = express();
//View engine setup here
app.use(logger('dev'));
app.use(express.json());
app.use(express.urlencoded({
extended: false
}));
app.use(cookieParser('sekret'));
app.use(express.static(path.join(__dirname, 'public')));
//Routes here
const cookieExpirationDate = new Date();
const cookieExpirationDays = 365;
cookieExpirationDate.setDate(cookieExpirationDate.getDate() + cookieExpirationDays);
app.use(session({
secret: 'sekret',
saveUninitialized: true,
resave: true
}));
app.use(passport.initialize());
app.use(passport.session());
app.get('/auth/facebook', passport.authenticate('facebook'));
app.get('/auth/facebook/callback',
passport.authenticate('facebook', {
successRedirect: '/my-reptiles',
failureRedirect: '/'
})
);
app.get('/logout', function(req, res){
req.logout();
res.redirect('/');
});
//Error handling here
module.exports = app;
The problem was that I was adding session and passport after my routes, when it should have been before them, as per this answer.
//Routes WERE here
const cookieExpirationDate = new Date();
const cookieExpirationDays = 365;
cookieExpirationDate.setDate(cookieExpirationDate.getDate() + cookieExpirationDays);
app.use(session({
secret: 'sekret',
saveUninitialized: true,
resave: true
}));
app.use(passport.initialize());
app.use(passport.session());
//Routes SHOULD BE here
I'm currently trying to utilize passport in my node server for twitter auth on a project. When I have all the code in one server file passport functions as expected. Below is an excerpt from the server file with all the routes in it:
passport.use(new TwitterStrategy({
consumerKey: config.twitter.consumer_key,
consumerSecret: config.twitter.consumer_secret,
callbackURL: config.twitter.callback_url.dev
}, (token, tokenSecret, profile, done) => {
console.log(token, tokenSecret, profile, done);
process.nextTick(() => {
return done(null, profile);
});
}));
app.use(session({ secret: 'SOMESECRET' }));
app.use(passport.initialize());
app.use(passport.session());
app.use(express.static(path.join(__dirname, '../public')));
app.set('view engine', 'ejs');
// expose to routes
app.all('*', (request, response, next) => {
request.log = log;
next();
});
app.get('/', (req, res) => {
res.render('pages/index.ejs');
});
// twitter auth endpoint
app.get('/auth/twitter', passport.authenticate('twitter'));
// twitter auth callback endpoint
app.get('/auth/twitter/callback', passport.authenticate('twitter', { failureRedirect: '/' }), (req, res) => {
res.redirect('/');
});
However, when I try to expose passport from the server file to the routes file the authentication never occurs. I've searched most of the questions here and went back to the doc but all the tutorials show one server file with all the routes in it.
Server file:
passport.use(new TwitterStrategy({
consumerKey: config.twitter.consumer_key,
consumerSecret: config.twitter.consumer_secret,
callbackURL: config.twitter.callback_url.dev
}, (token, tokenSecret, profile, done) => {
console.log(token, tokenSecret, profile, done);
process.nextTick(() => {
return done(null, profile);
});
}));
app.use(session({ secret: 'SECRET' })); // session secret
app.use(passport.initialize());
app.use(passport.session());
app.use(express.static(path.join(__dirname, '../public')));
app.set('view engine', 'ejs');
// expose to routes
app.all('*', (request, response, next) => {
request.log = log;
request.passport = passport;
next();
});
// routes
app.use('/', routes);
Routes file:
import express from 'express';
const routes = express.Router();
import config from '../config.js';
// main
routes.get('/', (req, res) => {
res.render('pages/index.ejs');
});
// twitter auth endpoint
routes.get('/auth/twitter', (req, res) => {
const passport = req.passport;
passport.authenticate('twitter');
});
// twitter auth callback endpoint
routes.get('/auth/twitter/callback', (req, res) => {
const passport = req.passport;
passport.authenticate('twitter', {
failureRedirect: '/'
});
res.redirect('/');
});
module.exports = routes;
What am I missing here? I'm guessing I cannot use passport.authenticate inside the function for the route. I'm still trying to figure out how to get the version using the routes file working. Any help is appreciated!!
You can require Passport normally no need to get passport by let passport = req.passport. Here is my small demo for Google Oauth by passport
Routes.js
const router = require('express').Router();
const passport = require('passport');
router.get(
'/google',
passport.authenticate('google', {
scope: ['profile', 'email'],
session: false
})
);
router.get(
'/google/callback',
passport.authenticate('google', {
session: false
})
);
Server.js
// passort config
app.use(passport.initialize());
require('./services/passport'); // contains the passport google strategy
// routes
require('./routes')(app);
So this project was working fine before today, but after a bit of a nooby mistake with git I broke my project, and was unable to recover the commit. After spending some time getting everything fixed, my routes are now broken. My issue is that when calling my API routes now the server hangs for exactly 1 minute, then times out and logs a 404 on the server.
To give some background I'm using this boilerplate. In my debugging process I basically put console.logs everywhere I possibly could, and it looks like all my initialization middleware for express and passport are working fine, and my code is getting to where the routes are defined with no errors.
Middleware with app.use works and all checks out when a request is made, and all console.logs I've put there show fine. The console.logs only stop appearing in the final route definition like in this example:
app.get('/route', function(req, res, next) {
console.log('this never shows');
next();
}, function(req, res, next) {
console.log('this never shows');
})
My actual routes do have a res.send(), this is just an example to show you. All the console.logs I put in the middleware before this route show when the request is made, so it is hanging somewhere in app here.
It's a rather large project, so if you want specific code examples just ask and I'll post it. But I was able to recover all the important files that I had saved somewhere else and I'm pretty sure all my code is back to how it was before now.
edit:
Here is my file with express middleware definitions:
config/express.js
/**
* Module dependencies.
*/
var express = require('express');
var MongoStore = require('connect-mongo')(express);
var flash = require('connect-flash');
var helpers = require('view-helpers');
var swig = require('swig');
var session = require('express-session');
module.exports = function (app, config, passport) {
app.set('showStackError', true);
// should be placed before express.static
app.use(express.compress({
filter: function (req, res) {
return /json|text|javascript|css/.test(res.getHeader('Content-Type'));
},
level: 9
}));
app.use(express.favicon());
app.use(express.static(config.root + '/public'));
app.use('/uploads', express.static(config.root + '/uploads'));
var allowCrossDomain = function(req, res, next) {
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');
res.header("Access-Control-Allow-Headers", "Access-Control-Allow-Methods, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers");
// intercept OPTIONS method
if ('OPTIONS' == req.method) {
res.status(204).end();
}
else {
next();
}
};
app.use(allowCrossDomain);
// don't use logger for test env
if (process.env.NODE_ENV !== 'test') {
app.use(express.logger('dev'));
}
// set views path, template engine and default layout
app.engine('html', swig.renderFile);
app.set('view engine', 'html');
app.set('views', config.root + '/app/views');
app.set('view cache', process.env.NODE_ENV !== 'development');
app.configure(function () {
// dynamic helpers
// app.use(function(req,res,next){
// req.locals.session = "eeeeeeee";
// next();
// });
// cookieParser should be above session
app.use(express.cookieParser());
// bodyParser should be above methodOverride
app.use(express.bodyParser());
app.use(express.methodOverride());
// express/mongo session storage
app.use(function(req, res, next) {
if(!req.cookies['_ga']) {
next();
}
else {
session({
secret: 'secrettexthere',
saveUninitialized: true,
resave: true,
store: new MongoStore({
url: 'mongodb://localhost/traderdb',
db: 'traderdb',
collection: 'sessions',
auto_reconnect: true
})
})(req, res, next);
}
});
// connect flash for flash messages
app.use(flash());
app.use(function (req, res, next) {
res.locals.session = req.session;
res.locals.req = req;
next();
});
app.use(function(req, res, next) {
if(!req.cookies['_ga']) {
next();
}
else {
passport.initialize()(req, res, next);
}
});
//app.use(helpers('app name'));
//
// use passport session
app.use(function(req, res, next) {
if(!req.cookies['_ga']) {
next();
}
else {
passport.session()(req, res, next);
}
});
// routes should be at the last
app.use(app.router);
// assume "not found" in the error msgs
// is a 404. this is somewhat silly, but
// valid, you can do whatever you like, set
// properties, use instanceof etc.
app.use(function(err, req, res, next) {
// treat as 404
if (~err.message.indexOf('not found')) return next();
// log it
console.error(err.stack);
// error page
res.status(500).render('500', { error: err.stack });
});
// assume 404 since no middleware responded
app.use(function(req, res, next) {
res.status(404).render('404', { url: req.originalUrl, error: 'Not found' })
});
})
}
I also have another file with passport route definitions if you'd like to see that too, but all that is tested and works okay too.
edit 2:
This is my entry point file:
server.js
/**
* Module dependencies.
*/
var express = require('express')
, fs = require('fs')
, passport = require('passport');
/**
* Main application entry file.
* Please note that the order of loading is important.
*/
// Load configurations
// if test env, load example file
var env = process.env.NODE_ENV || 'development'
, config = require('./config/config')[env]
, auth = require('./config/middlewares/authorization')
, mongoose = require('mongoose');
// Bootstrap db connection
mongoose.connect(config.db);
// Bootstrap models
var models_path = __dirname + '/app/models'
fs.readdirSync(models_path).forEach(function (file) {
require(models_path+'/'+file);
});
// bootstrap passport config
require('./config/passport')(passport, config);
var app = express();
// express settings
require('./config/express')(app, config, passport);
// Bootstrap routes
require('./config/routes')(app, passport, auth);
// Start the app by listening on <port>
var port = 3002;
app.listen(port);
console.log('Express app started on port '+port);
// expose app
exports = module.exports = app;
edit 3:
Here are my route definitions:
config/routes.js
var express = require('express');
var path = require('path');
var fileManager = require('express-file-manager');
var mongoose = require('mongoose');
var Session = mongoose.model('Session');
module.exports = function (app, passport, auth) {
var users = require('../app/controllers/users');
var coupons = require('../app/controllers/coupons');
var magazines = require('../app/controllers/magazines');
var zones = require('../app/controllers/zones');
var transactions = require('../app/controllers/transactions');
var favorites = require('../app/controllers/favorites');
var banners = require('../app/controllers/banners');
var reports = require('../app/controllers/reports');
var coverContest = require('../app/controllers/coverContest');
var contactMessage = require('../app/controllers/contactMessage');
app.post('/api/users/login', users.login);
app.post('/api/users/register', users.register);
app.post('/api/users/logout', users.logout);
app.post('/api/users/sendResetEmail', users.sendResetEmail);
app.post('/api/users/changePassword', users.changePassword);
app.post('/api/users/redeemCoupon', isValidAppUser(), users.redeemCoupon);
app.get('/api/users/validate', isLoggedIn(0), function(req, res) {
res.send(req.user);
});
app.post('/api/coupons', coupons.get);
app.post('/api/coupons/import', isLoggedIn(0), coupons.import);
app.post('/api/coupons/remove', isLoggedIn(0), coupons.remove);
app.post('/api/coupons/upload', isLoggedIn(0), coupons.upload);
app.post('/api/transactions', transactions.get);
app.post('/api/allTransactions', isLoggedIn(0), transactions.getAll);
app.post('/api/magazines', magazines.get);
app.post('/api/magazines/import', isLoggedIn(0), magazines.import);
app.post('/api/magazines/remove', isLoggedIn(0), magazines.remove);
app.post('/api/banners', banners.get);
app.post('/api/banners/import', isLoggedIn(0), banners.import);
app.post('/api/banners/remove', isLoggedIn(0), banners.remove);
app.post('/api/favorites', isValidAppUser(), favorites.get);
app.post('/api/favorites/import', isValidAppUser(), favorites.import);
app.post('/api/zones', zones.get);
app.post('/api/zones/add', zones.add);
app.post('/api/zones/addCoupon', zones.addCoupon);
app.post('/api/zones/addMagazine', zones.addMagazine);
app.post('/api/mail/ccSubmit', coverContest.ccSubmit);
app.post('/api/mail/contactSubmit', contactMessage.contactSubmit);
//app.get('/api/reports/siteUsers', reports.siteUsers);
app.get('/auth/facebook', passport.authenticate('facebook', { scope: [ 'email', 'user_about_me'], failureRedirect: '/login' }), users.signin);
app.get('/auth/facebook/callback', passport.authenticate('facebook', { failureRedirect: '/login' }), users.authCallback);
app.get('/auth/github', passport.authenticate('github', { failureRedirect: '/login' }), users.signin);
app.get('/auth/github/callback', passport.authenticate('github', { failureRedirect: '/login' }), users.authCallback);
app.get('/auth/twitter', passport.authenticate('twitter', { failureRedirect: '/login' }), users.signin);
app.get('/auth/twitter/callback', passport.authenticate('twitter', { failureRedirect: '/login' }), users.authCallback);
app.get('/auth/google', passport.authenticate('google', { scope: ['profile', 'email'] }));
app.get('/auth/google/callback', passport.authenticate('google', { failureRedirect: '/', successRedirect: '/main.html' }));
}
function isLoggedIn(secLvl) {
return function(req, res, next) {
if(req.isAuthenticated() && req.user.secLvl <= secLvl && req.user.google.email.includes('#bizpub36.com')) {
return next();
}
res.redirect('https://accounts.google.com/logout');
}
}
function isValidAppUser() {
return function(req, res, next) {
Session.findOne({ sess_id: req.body.sess_id }).exec(function(err, session) {
if(!err && session) {
next();
}
else {
res.end({ status: 'error', message: 'invalid session' });
}
});
}
}
If app.use works, my guess would be your protocol, is the app.get correct? You issue is otherwise located somewhere else in your code base as your sample runs fine as a single route express app.
It sounds like one of three things:
Somewhere in your middleware chain, you are not calling next() to allow it to advance to the next level of handlers and thus the request just eventually times out waiting for that middleware to finish (this seems to match the symptoms you describe).
Somehow, your app.get() doesn't actually match the route you expect it to or is not specified correctly.
You're using a router, but have not configured it correctly.
But, because you don't get an immediate 404, but rather it times out, it is probably option #1 above.
I am trying to do salseforce aouth in nodejs using passportjs butt getting error.
Cannot GET /callback?code=aPrxaSyVmC8fBbcSNDQ8G8UtoR.YZip2hdfAGpMSc2hf0798gD_UoDle1dqqC0HnPyewycgKMw%3D%3D
Here is my code
'use strict';
var express = require('express'),
passport = require('passport'),
util = require('util'),
ForceDotComStrategy = require('passport-forcedotcom').Strategy;
//----------------------------------------------------------------------------
// REPLACE THE BELOW SETTING TO MATCH YOUR SALESFORCE CONNECTED-APP'S SETTINGS
//----------------------------------------------------------------------------
var CF_CLIENT_ID = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
var CF_CLIENT_SECRET = 'xxxxxxxxxxxxxxxxxxxxx';
var CF_CALLBACK_URL = 'http://localhost:3000/callback';
var SF_AUTHORIZE_URL = 'https://login.salesforce.com/services/oauth2/authorize';
var SF_TOKEN_URL = 'https://login.salesforce.com/services/oauth2/token';
passport.serializeUser(function(user, done) {
done(null, user);
});
passport.deserializeUser(function(obj, done) {
done(null, obj);
});
var sfStrategy = new ForceDotComStrategy({
clientID: CF_CLIENT_ID,
clientSecret: CF_CLIENT_SECRET,
callbackURL: CF_CALLBACK_URL,
authorizationURL: SF_AUTHORIZE_URL,
tokenURL: SF_TOKEN_URL
}, function(accessToken, refreshToken, profile, done) {
process.nextTick(function() {
delete profile._raw;
return done(null, profile);
});
});
passport.use(sfStrategy);
var app = express();
// configure Express
app.configure(function() {
app.set('views', __dirname + '/views');
app.set('view engine', 'jade');
app.use(express.logger());
app.use(express.cookieParser());
app.use(express.bodyParser());
app.use(express.methodOverride());
app.use(express.session({
secret: 'keyboard cat'
}));
// Initialize Passport! Also use passport.session() middleware, to support
// persistent login sessions (recommended).
app.use(passport.initialize());
app.use(passport.session());
app.use(app.router);
app.use(express.static(__dirname + '/public'));
});
app.get('/', function(req, res) {
console.log(req.user);
if(!req.user) {
req.session.destroy();
req.logout();
return res.redirect('/login');
}
res.render('index', {
user: req.user
});
});
app.get('/login', function(req, res) {
req.logout();
req.session.destroy();
res.render('login', {
user: req.user
});
});
app.get('/auth/forcedotcom', passport.authenticate('forcedotcom'), function(req, res) {
});
app.get('/auth/forcedotcom/callback', passport.authenticate('forcedotcom', {
successRedirect: '/',
failureRedirect: '/login'
}), function(req, res) {
res.redirect('/');
});
app.get('/logout', function(req, res) {
res.redirect('/login');
});
app.listen(3000);
console.log('localhost run in 3000');
function ensureAuthenticated(req, res, next) {
if(req.isAuthenticated()) {
return next();
}
res.redirect('/login');
}
I am trying to fix problem with already post a query in at there but that cannot resole Cannot GET /auth/twitter/callback while using twitter oauth in nodejs
looks like you've set the callback URL to http://yourdomain.com/callback in your salesforce oauth app, but have not define a handler for it correctly
either change the callback URL of your salesforce oauth app to
http://yourdomain.com/auth/forcedotcom/callback
or change the following in your code
app.get('/auth/forcedotcom/callback', passport.authenticate('...
to
app.get('/callback', passport.authenticate('forcedotcom', {
successRedirect: '/',
failureRedirect: '/login'
}), function(req, res) {
res.redirect('/');
});