Skip to content

Instantly share code, notes, and snippets.

@marshallswain
Last active September 24, 2021 08:59
Show Gist options
  • Save marshallswain/3c9e5b3b177b977468b5b711b6254f67 to your computer and use it in GitHub Desktop.
Save marshallswain/3c9e5b3b177b977468b5b711b6254f67 to your computer and use it in GitHub Desktop.
Example tools for using querystring redirects with Feathers OAuth login.
'use strict';
const authentication = require('feathers-authentication');
const jwt = require('feathers-authentication-jwt');
const local = require('feathers-authentication-local');
const oauth2 = require('feathers-authentication-oauth2');
const GithubStrategy = require('passport-github');
// Bring in the oauth-handler
const makeHandler = require('./oauth-handler');
module.exports = function () {
const app = this;
const config = app.get('authentication');
// Create a handler by passing the `app` object.
const handler = makeHandler(app);
// Set up authentication with the secret
app.configure(authentication(config));
app.configure(jwt());
app.configure(local());
app.configure(oauth2(Object.assign({
name: 'github',
Strategy: GithubStrategy,
// Provide the handler to the GitHub auth setup.
// The successRedirect should point to the handle-oauth-login.html hosted on the web server.
handler: handler(config.github.successRedirect)
}, config.github)));
app.service('authentication').hooks({
before: {
create: [
authentication.hooks.authenticate(config.strategies)
],
remove: [
authentication.hooks.authenticate('jwt')
]
}
});
};
<!DOCTYPE html>
<html lang="en">
<head>
<title>Handle OAuth Login</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
</head>
<body>
<script>
function getQueryVariable(variable) {
var query = window.location.search.substring(1);
var vars = query.split('&');
for (var i = 0; i < vars.length; i++) {
var pair = vars[i].split('=');
if (decodeURIComponent(pair[0]) == variable) {
return decodeURIComponent(pair[1]);
}
}
console.log('Query variable %s not found', variable);
}
var token = getQueryVariable('token');
if (token) {
window.localStorage.setItem('feathers-jwt', token);
}
window.location = '/';
</script>
</body>
</html>
module.exports = function (app) {
return function (url) {
const config = app.get('authentication');
const options = {
jwt: config.jwt,
secret: config.secret
};
return function (req, res, next) {
if (req.feathers && req.feathers.payload) {
app.passport.createJWT(req.feathers.payload, options).then(token => {
res.redirect(`${url}?token=${token}`);
})
.catch(error => {
next(error);
});
}
};
};
};
@emeagenciadigital
Copy link

Awesome, this should be more promoted on feathers docs.

@7NT
Copy link

7NT commented Feb 7, 2019

not sure how to set "The successRedirect should point to the handle-oauth-login.html hosted on the web server."

say if my backend is localhost:3030, and frontend is localhost:8080

should I point that "handle-oauth-login.html" at front or back?

@clemlesne
Copy link

Thank you! It should be included into the doc, it's useful.

@iykazrji
Copy link

Thanks for this! @marshallswain

But what if you have multiple frontends (e.g a web app and a mobile app) and want them to share the same authentication logic?
Is there a way to figure out which frontend to re-direct to?

@marshallswain
Copy link
Author

@iyk-azorji, I've not attempted this scenario, but there is a url variable in that redirect. You're probably going to be better off using the beta version of the authentication plugin, though. I'd invest time into that instead of trying to make this work. The new one is supposed to be much more flexible, but I haven't tried it yet.

@iykazrji
Copy link

Cool! Thanks all the same! I have resorted to setting up custom strategies for the different frontends that would be used. It works perfectly for now, but not the elegant solution I was hoping for..

Cheers!

@Dahkenangnon
Copy link

What ?

I'm facing the same problem but with some difference:

And ?

I have a feathers js app and and others express-node js app.
Now i want to have a sso authentication system for all these system.

Architecture 👩‍💻 ?

Apps are like:

app1.domain.com
app2.domain.com
app3.domain.com
feathers.domain.com
I'm on a vps.

Need your help please !

Do you have some suggestion or recommandation for me please ?
Can i use the Oauth of feathers ?
Because there are a miss of feathers and node js app, is this(sso) possible ?

Thank very for time you spend to respond to this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment