-
-
Save jaredhanson/2559730 to your computer and use it in GitHub Desktop.
// Based off example code from Hal Robertson | |
// https://github.com/halrobertson/test-restify-passport-facebook | |
// See discussion: https://groups.google.com/forum/?fromgroups#!topic/passportjs/zCz0nXB_gao | |
var restify = require('restify') | |
// config vars | |
var FB_LOGIN_PATH = '/api/facebook_login' | |
var FB_CALLBACK_PATH = '/api/facebook_callback' | |
var FB_APPID = '<<YOUR APPID HERE>>' | |
var FB_APPSECRET = '<<YOUR APPSECRET HERE>>' | |
var SERVER_PREFIX = 'http://localhost:3000' | |
// set up server | |
var server = restify.createServer() | |
server.use(restify.queryParser()); | |
// set up passport-facebook | |
var passport = require('passport') | |
, FacebookStrategy = require('passport-facebook').Strategy; | |
// initialize passport | |
server.use(passport.initialize()); | |
// Sessions aren't used in this example. To enabled sessions, enable the | |
// `session` option and implement session support with user serialization. | |
// See here for info: http://passportjs.org/guide/configuration.html | |
var fb_login_handler = passport.authenticate('facebook', { session: false }) | |
var fb_callback_handler = passport.authenticate('facebook', { session: false }) | |
var fb_callback_handler2 = function(req, res) { | |
console.log('we b logged in!') | |
console.dir(req.user) | |
// be sure to send a response | |
res.send('Welcome ' + req.user.displayName); | |
} | |
server.get(FB_LOGIN_PATH, fb_login_handler) | |
server.get(FB_CALLBACK_PATH, fb_callback_handler, fb_callback_handler2) | |
passport.use(new FacebookStrategy({ | |
clientID: FB_APPID, | |
clientSecret: FB_APPSECRET, | |
callbackURL: SERVER_PREFIX + FB_CALLBACK_PATH | |
}, | |
function(accessToken, refreshToken, profile, done) { | |
console.log('accessToken='+accessToken+' facebookId='+profile.id) | |
return done(null, profile) | |
}) | |
) | |
// Start the app by listening on <port> | |
var port = process.env.PORT || 3000 | |
server.listen(port) | |
console.log('App started on port ' + port) |
I'm quite new to Restify, so maybe I'm being a little naive. But Restify has a static files plugin where it can serve up static files: http://mcavage.me/node-restify/#Bundled-Plugins
I am using Restify for a REST API backend of an AngularJS based website. I am having Restify serve up my html, css and js files and it's working pretty well so far.
@jaredhanson @halrobertson any chance you guys could make a quick addition as to how you would authenticate against subsequent endpoints?
I have the login working and the request token (using passport-google), however after the initial authentication I am not sure how to check for a user any subsequent endpoint requests. from what I have read I was expecting a user object to be available in the req, however this doesn't seem to be the case. Not sure if I've missed something.
Being a REST service I obviously don't want to use sessions, so should I just be calling..
server.get('/my/path', passport.authenticate('facebook', { session: false }), function() {
/* do some stuff */
})
@thatguynamedandy the same happened to me, and I had to be explicit in the property that will hold the user object, due to some issue with passport.js:
server.get('/my/path', passport.authenticate('facebook', { session: false, assignedProperty:'user' }), function() {
/* do some stuff */
})
With that change everything worked ok ^^
Doing this just keeps redirecting me to log in each time.
@jaredhanson & @halrobertson - Im curious - for res.send, how do you send that user object to an actual web page? I am under the impression that restify is strictly for REST API functionality, and that the server does not have the capacity to serve up my index.html page or any html page for that matter.
I mean, if I go to /login on the port that is handling my REST API, then, it redirects me to another page - that page is really on the same port as my API - not on the port that serves static files. Restify assumes that you will have a purely JSON API. Combining it with Passport and having it pass data to your pages seems like it would best be left to another framework like Express
Furthermore, the user would never go to /login at the port on the rest API --- they would be on your main page with on the /login page. If you redirect the users to /login (at your API port, ie 9000) and then Facebook callback sends them back to your website (on your website port, ie 8000), restify will not have any way of managing sessions/tokens, etc? Unless you're implicity constructing JSON responses from all of these API endpoints which give you the values that you will then POST or send via GET when making your next AJAX call?
Just seems confusing!