I'm using the passport.js local strategy for auth. I also need users to authenticate with Facebook, Twitter, and G+, not as alternative logins, but so that the user can retrieve their content from those services.
As written, each auth strategy writes a user object to the request object. This has the effect of logging-out my root user. Is there a way to leverage passport for these additional auth strategies, but not override the user object?
Here is the canonical example:
// Registers the Twitter OAuth strategy with Passport. The verify callback below
// resolves a local User record and hands it to Passport through done().
var passport = require('passport')
, TwitterStrategy = require('passport-twitter').Strategy;
passport.use(new TwitterStrategy({
// NOTE(review): TWITTER_CONSUMER_KEY / TWITTER_CONSUMER_SECRET are defined outside
// this snippet; presumably they are loaded from configuration rather than
// hard-coded in the source tree. Confirm.
consumerKey: TWITTER_CONSUMER_KEY,
consumerSecret: TWITTER_CONSUMER_SECRET,
// The callback URL is empty in this listing.
callbackURL: ""
},
// Verify callback: receives the OAuth token pair and the provider profile.
function(token, tokenSecret, profile, done) {
// The lookup arguments are elided ("...") in the original post.
User.findOrCreate(..., function(err, user) {
if (err) { return done(err); }
// As the question describes, the user passed to done() ends up on the request
// and replaces the locally logged-in user. token/tokenSecret are not used in the
// visible code, so unless they are part of the elided arguments they are not
// kept for later API calls.
done(null, user); //trashes my existing user object
});
}
));
I'm using the passport.js local strategy for auth. I also need users to authenticate with Facebook, Twitter, and G+, not as alternative logins, but so that the user can retrieve their content from those services.
As written, each auth strategy writes a user object to the request object. This has the effect of logging-out my root user. Is there a way to leverage passport for these additional auth strategies, but not override the user object?
Here is the canonical example:
// Registers the Twitter OAuth strategy with Passport. The verify callback below
// resolves a local User record and hands it to Passport through done().
var passport = require('passport')
, TwitterStrategy = require('passport-twitter').Strategy;
passport.use(new TwitterStrategy({
// NOTE(review): TWITTER_CONSUMER_KEY / TWITTER_CONSUMER_SECRET are defined outside
// this snippet; presumably they are loaded from configuration rather than
// hard-coded in the source tree. Confirm.
consumerKey: TWITTER_CONSUMER_KEY,
consumerSecret: TWITTER_CONSUMER_SECRET,
// NOTE(review): the host in this URL looks truncated in this listing, and the
// scheme is plain http. A deployed callback would normally be the https URL
// registered with the provider.
callbackURL: "http://www.example./auth/twitter/callback"
},
// Verify callback: receives the OAuth token pair and the provider profile.
function(token, tokenSecret, profile, done) {
// The lookup arguments are elided ("...") in the original post.
User.findOrCreate(..., function(err, user) {
if (err) { return done(err); }
// As the question describes, the user passed to done() ends up on the request
// and replaces the locally logged-in user. token/tokenSecret are not used in the
// visible code, so unless they are part of the elided arguments they are not
// kept for later API calls.
done(null, user); //trashes my existing user object
});
}
));
3 Answers
A way to do this is to use a callback rather than a redirect. Usually you would call req.login() to set the request object. You can just skip that step and do whatever you want with the response.
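/**
 * Twitter OAuth callback that uses Passport's custom-callback form.
 *
 * With a custom callback Passport does not establish a login session itself,
 * and this handler deliberately never calls req.login(), so the user already
 * stored in the session is left in place.
 */
app.get('/auth/twitter/callback', function (req, res, next) {
  passport.authenticate('twitter', function (err, user, info) {
    // Route failures to the Express error handler rather than serializing the
    // raw error object into the response body, where it can expose internals.
    if (err) { return next(err); }

    // A falsy user means the provider authentication did not succeed.
    if (!user) { return res.status(401).send({ linked: false }); }

    // `user` and `info` come from the strategy's verify callback and may hold
    // provider data; keep them server-side and return only what the client
    // needs. The response shape here is illustrative.
    res.send({ linked: true }); // req.login() intentionally skipped
  })(req, res, next);
});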
This is listed in the Passport docs: http://passportjs.org/guide/authorize/
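For anyone coming to this for whom the accepted solution does not work: I used Passport's authorize and set the sameSite property of express-session's cookie to 'lax'. With sameSite set to 'strict', the browser does not send the session cookie on the cross-site redirect back from the provider, so the callback request arrives without the existing session.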
...
app.use(
expressSession({
cookie: {
sameSite: 'lax',
httpOnly: true,
maxAge: 7 * 24 * 60 * 60 * 1000
},
...