-
-
Save joshbirk/1732068 to your computer and use it in GitHub Desktop.
var fs = require("fs") | |
var ssl_options = { | |
key: fs.readFileSync('privatekey.pem'), | |
cert: fs.readFileSync('certificate.pem') | |
}; | |
var port = process.env.PORT || 3000; | |
var express = require('express'); | |
var ejs = require('ejs'); | |
var passport = require('passport') | |
, ForceDotComStrategy = require('./lib/passport-forcedotcom').Strategy | |
, TwitterStrategy = require('passport-twitter').Strategy | |
, FacebookStrategy = require('passport-facebook').Strategy; | |
var restProxy = require('./lib/rest-proxy'); | |
//define passport usage | |
passport.use(new ForceDotComStrategy({ | |
clientID: '[FDCID]', | |
clientSecret: '[FDCSECRET]', | |
callbackURL: 'https://127.0.0.1:'+port+'/token' | |
}, | |
function(token, tokenSecret, profile, done) { | |
console.log(profile); | |
return done(null, profile); | |
} | |
)); | |
passport.use(new TwitterStrategy({ | |
consumerKey: '[TWITTERID]', | |
consumerSecret: '[TWITTERSECRET]', | |
callbackURL: 'https://127.0.0.1:'+port+'/twitter-token' //this will need to be dealt with | |
}, function(token, tokenSecret, profile, done) { | |
process.nextTick(function () { | |
return done(null, profile); | |
}); | |
})); | |
passport.use(new FacebookStrategy({ | |
clientID: '[FBID]', | |
clientSecret: '[FBSECRET]', | |
callbackURL: 'https://127.0.0.1:'+port+'/facebook-token' | |
}, | |
function(accessToken, refreshToken, profile, done) { | |
// asynchronous verification, for effect... | |
process.nextTick(function () { | |
// To keep the example simple, the user's Facebook profile is returned to | |
// represent the logged-in user. In a typical application, you would want | |
// to associate the Facebook account with a user record in your database, | |
// and return that user instead. | |
return done(null, profile); | |
}); | |
} | |
)); | |
//define REST proxy options based on logged in user | |
passport.serializeUser(function(user, done) { | |
done(null, user); | |
}); | |
passport.deserializeUser(function(obj, done) { | |
done(null, obj); | |
}); | |
function ensureAuthenticated(req, res, next) { | |
if (req.isAuthenticated()) { return next(null); } | |
res.redirect('/error') | |
} | |
//configure, route and start express | |
var app = express.createServer(ssl_options); | |
app.configure(function() { | |
app.use(express.logger()); | |
app.use(express.cookieParser()); | |
app.use(express.bodyParser()); | |
app.use(express.methodOverride()); | |
app.use(express.session({ secret: 'thissecretrocks' })); | |
app.use(passport.initialize()); | |
app.use(passport.session()); | |
app.use(app.router); | |
}); | |
app.set('view engine', 'ejs'); | |
app.set('view options', { | |
layout: false | |
}); | |
app.get('/', | |
function(req, res) { | |
res.send('Hello World.'); | |
}); | |
app.get('/login', passport.authenticate('forcedotcom')); | |
app.get('/token', passport.authenticate('forcedotcom', { failureRedirect: '/error' }), | |
function(req, res){ | |
res.send('Logged In.'); | |
}); | |
app.get('/twitter-login', passport.authenticate('twitter')); | |
app.get('/twitter-token', passport.authenticate('twitter', { failureRedirect: '/error' }), | |
function(req, res){ | |
res.send('Logged In.'); | |
}); | |
app.get('/facebook-login', passport.authenticate('facebook')); | |
app.get('/facebook-token', passport.authenticate('facebook', { failureRedirect: '/error' }), | |
function(req, res){ | |
res.send('Logged In.'); | |
}); | |
app.get('/error', function(req, res){ | |
res.send('An error has occured.'); | |
}); | |
app.all('/:label/:mode/*', | |
ensureAuthenticated, | |
function(req, res) { | |
console.log(req.session); | |
if(req.session["passport"]["user"] && req.params.label == "fdc") { | |
var restOptions = { | |
useHTTPS : true, | |
host : req.session["passport"]["user"].instance_url, | |
headers: { | |
'Authorization': 'OAuth '+req.session["passport"]["user"].access_token, | |
'Accept':'application/jsonrequest', | |
'Cache-Control':'no-cache,no-store,must-revalidate' | |
} | |
} | |
restProxy.proxy(req,res); | |
} | |
}); | |
app.get('/*',function(req, res) { | |
res.render(req.url.substring(1,req.url.length)); //really? | |
}) | |
app.listen(port, function() { | |
console.log("Listening on " + port); | |
}); | |
Hey guys:
I'm starting with passport, and I'm migrating an Auth module I have written in Ruby/Sinatra, where i already support account connection (i'm using omniauth for that).
In omniauth, everything falls in one only route (:provider/callback), and on that route I have the logic to see if the user is already logged in (in which case i connect the accounts), or is a new user.
Now I'm tryinh to underestand your example, and I see like two different providers "twitter" and "twitter-authz", and a different logic for use authenticate and authorize...the question is: Why do I have to use different providers ?
Is it possible to append multiple accounts to passport.user
when using multiple strategies? For example: passport.user.github
, or passport.user.facebook
? The goal is to avoid overriding the overlapping values. e.g. When 2 strategies each have an email
property, the most recent authenticated Strategy would populate passport.user.email
, correct?
I've read http://passportjs.org/guide/authorize/, and dug through the source to find { userProperty: '' }
, but that only changes the user
property name of passport.user
.
Someone on StackOverflow had the same question. All I could do was point him to the docs. https://stackoverflow.com/questions/26453527/using-passport-js-with-multiple-strategies-without-overwriting-user-request-obje/30224234#30224234
I have App that authenticate with Saml 2.0 strategy, only authentication so I need to do authorization strategy, using OAuth strategy.
and I have multiple authorization requests depending on the resource requesting, like when the user request /products send authorization request (if not authenticated before) only for this resource, and another request to another resource, ... ...
so I thing is a very help fully if Passport js supports a multiple strategies by separating their information in the session, like saying req.resources.products.access_token and req.user.[email|name]
I'm new to passportjs, Is there a strategy which keeps only one active session per user per device?
Say user A logs into device D1 and then logs into device D2, then the session in device D1 should be invalidated. How can i do that?
Thank you
Hi all been using passport for a while - is there a way to implement JWT token authentication while connecting with all these providers - ie sending ONE master token to the client that protects the API routes, and grants further access to the google, facebook, etc... tokens in the DB which can be queries and used to make further downstream requests to API data.
Im looking to build an app that connects several API providers and allows me to query their data but doesn not use session -- and I want to use one JWT token on the client side. Is this doable?
Great! However, is it possible to use a local strategy along with google oauth2 strategy? If so, how do I go about this?
How do you bake identity? email or?