Untitled

a guest
Oct 23rd, 2019
## GoogleOAuth

- User clicks 'Login'.
- Direct to /auth/google
- Forward user's request to Google
- Ask user if they grant permission
- User grants permission
- Redirect with callback
- Callback gets code from URL
- Send request to Google with 'code' included
- Google checks the code in the URL and returns details about the user
- Get the user details, create new record in database

### Passport
Passport is used to handle authentication.
```
const passport = require('passport');
```
#
### Google Strategy
`passport-google-oauth20` is added to passport as a strategy.
```
const GoogleStrategy = require('passport-google-oauth20').Strategy;

// `keys` is the app's config object holding the Google client ID and secret (defined elsewhere).
passport.use(
  new GoogleStrategy({
    clientID: keys.googleClientID,
    clientSecret: keys.googleClientSecret,
    callbackURL: '/auth/google/callback'
  }, (accessToken, refreshToken, profile, done) => {
    // Debug output only: an access token is a credential and should not end up in production logs.
    console.log(accessToken, profile);
    // The login request only completes once done(err, user) is called.
  })
);
```
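The strategy callback above only logs the profile, so here is a find-or-create version that covers the last step of the flow ("create new record in database"); it is an added example, not code from the paste. `MemoryUsers`, `makeVerify`, `login` and the sample profile are hypothetical names, and the `emails[].verified` field is an assumption about the profile shape the strategy passes in.

```javascript
// Added example: MemoryUsers stands in for the real User model (hypothetical).
class MemoryUsers {
  constructor() { this.byGoogleId = new Map(); this.nextId = 1; }
  findByGoogleId(googleId) { return this.byGoogleId.get(googleId) || null; }
  create(fields) {
    const user = { id: String(this.nextId++), ...fields };
    this.byGoogleId.set(fields.googleId, user);
    return user;
  }
}

function makeVerify(users) {
  // Same parameters the strategy passes, including the `done` callback.
  return (accessToken, refreshToken, profile, done) => {
    try {
      if (!profile || typeof profile.id !== 'string' || profile.id === '') {
        return done(new Error('Google profile has no id'));
      }
      // Key the account on Google's stable profile.id, not on the email.
      const existing = users.findByGoogleId(profile.id);
      if (existing) return done(null, existing);
      // Keep the email only when Google marks it verified.
      const verified = (profile.emails || []).find(e => e.verified === true);
      const user = users.create({
        googleId: profile.id,
        displayName: profile.displayName || '',
        email: verified ? verified.value : null
      });
      return done(null, user); // tokens are deliberately not stored or logged
    } catch (err) {
      return done(err);
    }
  };
}

// Run one login through the callback and return what Passport would receive.
function login(verify, profile) {
  let result;
  verify('constructed-access-token', undefined, profile, (err, user) => {
    result = { err: err || null, user: user || null };
  });
  return result;
}

// Constructed sample profile (assumed shape: id, displayName, emails[]).
const sampleProfile = { id: '1000000000000000001', displayName: 'Example User',
  emails: [{ value: 'user@example.com', verified: true }] };
console.log(login(makeVerify(new MemoryUsers()), sampleProfile).user);
```

With a real model the lookups are asynchronous, so `done` is called from the promise chain instead; the `user.id` returned here is the value `serializeUser` puts in the cookie.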
#
### Direct user to Google
'google' tells passport to use the GoogleStrategy for authentication.

`scope` lists the user information we ask Google to return.
```
app.get('/auth/google', passport.authenticate('google', {
  scope: ['profile', 'email']
}));
```
#
### Handle callback from Google with response code.
The Google Strategy sees the code in the callback URL and uses it to return a profile.
```
app.get('/auth/google/callback', passport.authenticate('google'));
```
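#
### Serialize and Deserialize user
Used to create the cookie and to check the cookie later on: `serializeUser` chooses what goes into the cookie (here the user's id), and `deserializeUser` uses that id to look the user up again on later requests.
```
// `User` is the app's user model (defined elsewhere).
passport.serializeUser((user, done) => {
  done(null, user.id);
});

passport.deserializeUser((id, done) => {
  User.findById(id)
    .then(user => done(null, user))
    .catch(done); // pass lookup errors to Passport instead of leaving the request hanging
});
```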
#
### Cookie Session
Run `npm install --save cookie-session` to add support for cookies.

Add cookieSession to serverfile.js

`maxAge` is how long the browser should keep the cookie, in milliseconds.

`keys` is an array of keys used to sign the cookie, so a cookie that has been altered is rejected.
```
const cookieSession = require('cookie-session');

app.use(
  cookieSession({
    maxAge: 30 * 24 * 60 * 60 * 1000, // 30 days
    keys: [keys.cookieKey]
  })
);

```
#

```
app.use(passport.initialize());
app.use(passport.session());
```
`initialize` is middleware that initialises Passport.

`session` is another middleware that alters the request object: it replaces the 'user' value, which at that point is the session id (from the client cookie), with the true deserialized user object.
#
### Logout
Call .logout() and then redirect to homepage.
```
app.get('/api/logout', (req, res) => {
  req.logout(); // Passport 0.6 and later require a callback: req.logout(err => { ... })
  res.redirect('/');
});
```
```
<li><a href="/api/logout">Logout</a></li>
```

### Redirect when logging in
A second handler after `passport.authenticate` redirects the user once they have logged in.
```
app.get(
  '/auth/google/callback',
  passport.authenticate('google'),
  (req, res) => {
    res.redirect('/serveys');
  }
);
```