- ## GoogleOAuth
- - User clicks 'Login'.
- - The browser is directed to /auth/google.
- - The user's request is forwarded to Google.
- - Google asks the user whether they grant permission.
- - User grants permission.
- - Google redirects back to the callback URL.
- - The callback gets the code from the URL.
- - A request is sent to Google with the 'code' included.
- - Google checks the code and returns details about the user.
- - Get the user details and create a new record in the database.
- ### Passport
- Passport is used to handle authentication.
- ```
- const passport = require('passport');
- ```
- #
- ### Google Strategy
- ```passport-google-oauth20``` is added to passport as a strategy.
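- ```
- const GoogleStrategy = require('passport-google-oauth20').Strategy;
- // keys holds the OAuth client credentials; keep that file out of version control.
- passport.use(
-   new GoogleStrategy({
-     clientID: keys.googleClientID,
-     clientSecret: keys.googleClientSecret,
-     callbackURL: '/auth/google/callback'
-   }, (accessToken, refreshToken, profile, done) => {
-     // Debug output only: accessToken is a bearer credential, remove this log before deploying.
-     console.log(accessToken, profile);
-     // Passport waits for done(); without it the callback request never completes.
-     // The Google profile is passed on as the user until a database record exists.
-     done(null, profile);
-   })
- );
- ```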
- #
- ### Direct user to Google
- 'google' tells Passport to use the GoogleStrategy for authentication.
- scope tells Google which user information we are asking for.
- ```
- app.get('/auth/google', passport.authenticate('google', {
-   scope: ['profile', 'email']
- }));
- ```
- #
- ### Handle callback from Google with response code.
- The Google Strategy sees the code in the callback URL and uses it to fetch the user's profile.
- ```
- app.get('/auth/google/callback', passport.authenticate('google'));
- ```
- #
- ### Serialize and Deserialize user
- Used to create the cookie and to check the cookie later on.
- ```
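- // Store only the user's id in the session cookie.
- passport.serializeUser((user, done) => {
-   done(null, user.id);
- });
- // Turn the id from the cookie back into a user record on each request.
- passport.deserializeUser((id, done) => {
-   User.findById(id)
-     .then(user => {
-       done(null, user);
-     })
-     .catch(done); // report lookup errors to Passport instead of leaving the rejection unhandled
- });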
- ```
- #
- ### Cookie Session
- npm install --save ```cookie-session``` to add support for cookies.
- Add cookieSession to serverfile.js.
- maxAge is how long the browser should keep the cookie, in milliseconds.
- keys is an array of keys used to sign the cookie, so a cookie that has been tampered with is rejected.
- ```
- const cookieSession = require('cookie-session');
- app.use(
-   cookieSession({
-     maxAge: 30 * 24 * 60 * 60 * 1000, // 30 days
-     keys: [keys.cookieKey]
-   })
- );
- ```
- #
- ```
- // Register after cookieSession so the session is available to Passport.
- app.use(passport.initialize());
- app.use(passport.session());
- ```
- Initialize is a middleware that initialises Passport.
- Session is another middleware that alters the request object: it takes the id stored in the session (from the client cookie) and replaces the 'user' value with the deserialized user object.
- #
- ### Logout
- Call .logout() and then redirect to the homepage.
- ```
- app.get('/api/logout', (req, res) => {
-   // Passport 0.6 and later make this asynchronous: req.logout(callback).
-   req.logout();
-   res.redirect('/');
- });
- ```
- ```
- <li><a href="/api/logout">Logout</a></li>
- ```
- ### Redirect when logging in
- A second callback, placed after authenticate, redirects the user once they have logged in.
- ```
- app.get(
-   '/auth/google/callback',
-   passport.authenticate('google'),
-   (req, res) => {
-     res.redirect('/serveys');
-   }
- );
- ```
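
The last step of the flow (get the user details, create a new record in the database) has no code on this page. One way to write the strategy's verify callback and the matching serialize/deserialize pair, as an added example that is not part of the original paste: `UserStore`, `makeVerify`, `serialize` and `makeDeserialize` are hypothetical names, and the in-memory Maps stand in for the `User` model, whose real calls would be asynchronous.

```javascript
// Added example: in-memory stand-in for the page's User model (hypothetical).
const crypto = require('crypto');

class UserStore {
  constructor() {
    this.byId = new Map();       // local id -> user
    this.byGoogleId = new Map(); // Google profile.id -> user
  }
  findByGoogleId(googleId) { return this.byGoogleId.get(googleId) || null; }
  findById(id) { return this.byId.get(id) || null; }
  create({ googleId, email }) {
    const user = { id: crypto.randomUUID(), googleId, email };
    this.byId.set(user.id, user);
    this.byGoogleId.set(googleId, user);
    return user;
  }
}

// Builds the callback passed as the second argument to new GoogleStrategy(...).
function makeVerify(users) {
  return (accessToken, refreshToken, profile, done) => {
    try {
      if (!profile || typeof profile.id !== 'string' || profile.id === '') {
        return done(new Error('Google profile has no id'));
      }
      // Key the account on Google's stable profile.id, never on the e-mail
      // address, which can change or be reassigned.
      let user = users.findByGoogleId(profile.id);
      if (!user) {
        const email = profile.emails && profile.emails[0] ? profile.emails[0].value : null;
        user = users.create({ googleId: profile.id, email });
      }
      // accessToken/refreshToken are deliberately neither logged nor stored.
      return done(null, user);
    } catch (err) {
      return done(err);
    }
  };
}

// Same shape as the page's serializeUser/deserializeUser callbacks.
const serialize = (user, done) => done(null, user.id);
const makeDeserialize = (users) => (id, done) => {
  const user = users.findById(id);
  // A cookie that names a deleted or unknown user must not authenticate.
  return user ? done(null, user) : done(null, false);
};
```

With Passport these would be wired up as `new GoogleStrategy(options, makeVerify(store))`, `passport.serializeUser(serialize)` and `passport.deserializeUser(makeDeserialize(store))`.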