I am working on a website and I need a facebook login system for users. Since I am working with NodeJs I found the passport module for authentication. I also know that facebook provides their own javscript sdk to simply login users directly from the client side.
My question is: what is the difference between these two ways of authenticating users? (using the facebook js sdk on the client side and using passport facebook strategy on the server-side)
Related
I'd like to build a login with facebook feature using react native and Feathersjs. Feathersjs uses passportjs and NodeJS. So any strategies using the underlying technologies should work as well. I've been following this diagram but don't know how to do the user registration and return a jwt to the mobile app in feathers.
I can do the first two arrows. How do I implement (what do I expose and do) arrows 3-6?
Answer as #Daff suggested is this article https://medium.com/#jackzhang0096/how-to-setup-oauth-2-0-token-strategy-on-feathersjs-1d77cc32118b except one should use https://github.com/drudge/passport-facebook-token
basic idea is you pass the api the access_token and the api speaks directly to facebook for extra info and creates a User account and returns a jwt token to the react native app.
I am trying to validate my node app using google. But I found these two modules being used in different tutorials. Could you please tell what the difference is between these two.
passport-google-token
On the npmjs.com page of both, i found the desc as Passport strategy
for authenticating with Google access tokens using the OAuth 2.0 API.
This module lets you authenticate using Google in your Node.js
applications. By plugging into Passport, Google authentication can be
easily and unobtrusively integrated into any application or framework
that supports Connect-style middleware, including Express.
passport-google-oauth
Passport strategies for authenticating with Google using OAuth 2.0.
Lead Maintainer: David Pate
This module lets you authenticate using Google in your Node.js
applications. By plugging into Passport, Google authentication can be
easily and unobtrusively integrated into any application or framework
that supports Connect-style middleware, including Express.
passport-google-oauth was made for express apps, so you can configure permissions, callback uri and request user data, all in the same place.
passport-google-token is made for REST APIs, so you handle authentication logic in front-end and then, you send google token to the back-end (node server) and there you can request user data using google token and grant access to your app using your own authentication mechanism (JWT, Bearer Token, etc.).
I want to use express server with passport-facebook to authenticate facebook users. the client side is Unity3D application. I have no problem authenticating users if it was javascript client, since if the authentication was successful, it redirects to the index page. However, since I'm using Unity3D as client, I was wondering what will be the redirect function.
I haven't had a chance to implement this myself yet, but I was just reading about it.
You are gonna have to use the Facebook Unity SDK and login in the unity app. The SDK provides all the functionality you would expect. As for using the authentication in Express, you would be implementing somewhat of a Reverse OAuth Flow. I don't believe Facebook wants your app doing this, but once authenticated in Unity you could send the temporary access tokens to the Express API at which point you should be able to use the Node.js Facebook SDK.
I am building a ember cli app and I would like to know what is the best approach for user authentication and authorization.
I fiddled around with https://github.com/simplabs/ember-simple-auth
https://github.com/simplabs/ember-simple-auth/tree/master/packages/ember-simple-auth-torii
along with it for social auth like facebook and gmail.
But what happens is client(emberjs) sends request to facebook/gmail app and gets back a token.
But this token is on the client side and my server does not know about the received token.
Question - How do I make the server aware of the token received on the client(ember js) ?
What should be the approach if on my ember app I want to include custom login that communicates with my node backend and gets a token and as well as I want to be able to login via facebook/gmial. ?
I am looking for a unified and seamless login solution that works well with ember cli
See this question: Workflow for Ember-simple-auth, Torii and Facebook Oauth2
You simply define a custom authenticator (you could also override the torii authenticator as opposed to the OAuth 2.0 authenticator as in the answer) that first gets the token from torii and then posts it to your own server in the authenticate method.
tl;dr: Is there any way to create a facebook login session with passportjs using existing access key?
I'm working on a product that is composed from a website , a mobile app and a nodejs server that serves both entities. registration is possible using facebook login from both mobile app and the website. Passportjs perfectly handles the facebook login procedure from the website, while keeping the users details in a mongodb server.
Login from the android app is implemented with the facebookSDK. Once the user is logged in , I file a request to our internal server with the access key and the facebook id in order to submit a request to facebook and authorize the user + request her details.
Right now, I'm using 2 different libraries to do that (passport for registration from the website and node-facebook to request the users details from an existing token) but that's an aweful waste and not very efficient.
Is it possible to harness passportjs to create a facebook session from an existing token+facebook id?
The passport-facebook-token strategy is designed to handle just this situation.