So I have this problem on my site: after I log in as a Facebook user and click a few links, an NGINX error page comes up. But when I test it in another browser that is not logged in as a Facebook user, it doesn't give an error.
By the way I used 'express-mysql-session' as my session store.
Related
I tried using passportjs facebook on my website and tested it on different browsers, but there's a bit of a problem when the link is from the Facebook app itself, specifically on iOS.
Package used: http://www.passportjs.org/packages/passport-facebook/
The scenario is:
1. Share your login URL in a post on your Facebook timeline.
2. Open the Facebook app on an iPad.
3. Click the link that was posted on the Facebook timeline to open the login URL; a popup browser from the Facebook app should appear.
4. Click your Facebook login using passportjs.
Result:
A Session Expired popup appears and you'll be signed out and asked to log in again, not from your URL but from the app itself, so I'm not getting the login response from it since it is not from the passportjs login anymore. Any idea how to solve this or why this is happening?
So after some trial and error and reading, I found out I just need to turn on "Force Web OAuth Reauthentication" inside the Facebook Developer dashboard, and now it continues the login from the iOS Facebook app when the link is from there.
So I am building a sample React.js app where I am using Google OAuth for authentication. The OAuth is taken care of by a Node application using passport.js.
The React app is running on localhost:3000 while the Node app is running on localhost:5000. I have set up a proxy using createproxymiddleware to communicate between them.
In the React app, on the / route I have a login screen. When the user clicks on the Login button, the user is redirected to /auth/google. The proxy kicks in and it gets redirected to localhost:5000/auth/google, where the OAuth flow starts and the user can log in.
Passport.js takes care of the flow and then the user is redirected to /home/dashboard which is basically localhost:3000/home/dashboard.
The above flow is working fine. But the problem I face is that I want to keep track on the React side of whether the user is logged in or not. If he is logged in and visits localhost:3000/ he must be redirected to localhost:3000/home/dashboard; if he is not logged in and tries to visit localhost:3000/home/dashboard he must be redirected to localhost:3000.
How can I achieve this?
I am using Express, Passport and SequelizeSessionStore to enable user login and preserve sessions.
I have a configuration that automatically logs out the user when he has not refreshed the website for more than 30 minutes. The user is redirected to the login page.
How do I inform the user about this? How can I dig information out of Passport or Express right after the user is logged out to create an alert message on the frontend? I want it just once and just when the user is logged out automatically.
EDIT: It seems that SequelizeSessionStore just removes the session from the database after the configured time. I can't find a way to distinguish between a normal logout and an automatic logout.
I am working in Express.js. For my login page I am using passport and connect roles. My query is: if a user (role) is logged in and at the same time an admin tries to log in, the user should be automatically logged out and the admin should be logged in. I tried to achieve this using a status for the admin role. I want to achieve this on an intranet connection. But it is only suitable for other scenarios. Can we use the session to achieve this?
I am creating a website running on Node.js and Express. For logging into my website I use passport.js based social login with Google, Facebook and Live.
I need to expose user data via authenticated REST services so that the website's Chrome and Firefox browser extensions can do CRUD operations.
When the user clicks on a button injected via the browser extension, I need to check if the user is already logged in to the website. If the user is not logged in, then I will do a redirect for login and return back to the original page.
I am clueless after this. Which token do I use for REST API calls?
Any advice?
After the social login, when the user is redirected to the callback URL, you can create your own token, e.g. using uuid, and then send it to the client.
For all the subsequent requests the client needs to use that token for authentication, and you have to manage its expiration.
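
An added sketch of the token scheme the answer above describes (an illustration added here, not code from the answer or from passport.js). It assumes Node's built-in `crypto.randomUUID()` in place of the uuid package, an in-memory `Map` as the store, a 30-minute lifetime, an `Authorization: Bearer` header, and hypothetical names `issueToken`, `verifyToken`, `revokeToken` and `requireToken`; storing only a SHA-256 hash of the token goes beyond what the answer states.

```javascript
const crypto = require('crypto');

const TOKEN_TTL_MS = 30 * 60 * 1000;   // assumed lifetime, tune per application
const tokens = new Map();              // sha256(token) -> { userId, expiresAt }

// Only the hash is stored, so a dump of the store does not yield usable tokens.
function hashToken(token) {
  return crypto.createHash('sha256').update(token).digest('hex');
}

// Call from the social-login callback route once passport has set req.user.
function issueToken(userId, now = Date.now()) {
  const token = crypto.randomUUID();   // v4 UUID from the CSPRNG
  tokens.set(hashToken(token), { userId, expiresAt: now + TOKEN_TTL_MS });
  return token;                        // sent to the client once
}

// Returns the user id for a live token, or null if unknown or expired.
function verifyToken(token, now = Date.now()) {
  if (typeof token !== 'string' || token.length === 0) return null;
  const key = hashToken(token);
  const entry = tokens.get(key);
  if (!entry) return null;
  if (now >= entry.expiresAt) {        // expiry is enforced on every request
    tokens.delete(key);
    return null;
  }
  return entry.userId;
}

// Call on logout so the token stops working before it expires.
function revokeToken(token) {
  return typeof token === 'string' && tokens.delete(hashToken(token));
}

// Express-style middleware for the REST routes the extension calls.
function requireToken(req, res, next) {
  const match = /^Bearer (.+)$/.exec(req.headers.authorization || '');
  const userId = match ? verifyToken(match[1]) : null;
  if (userId === null) {
    return res.status(401).json({ error: 'invalid or expired token' });
  }
  req.userId = userId;
  next();
}
```

In a multi-process deployment the `Map` would be replaced by a shared store such as the session database already in use.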