koe*_*end 1 javascript node.js oauth-2.0 passport.js
我目前已经使用出色的Passport框架在node.js中实现了Google OAuth2,但是我发现很难在工作流程中传递URL参数。
例如,我想做的是拥有一个类似的网址/analysis?id=1234,然后能够加载该特定分析。
一旦您已通过身份验证并且会话尚未过期,它便可以使用,但是当您尚未通过身份验证时,它仍然无法使用。我正在努力将其传递给我认为的callbackURL。任何指导将不胜感激!
这是我到目前为止的内容(仅相关代码)
var session = require('express-session');
var storage = require('node-persist');
var passport = require('passport');
var GoogleStrategy = require('passport-google-oauth2').Strategy;
var GOOGLE_CLIENT_ID = "<google_client_id>"
, GOOGLE_CLIENT_SECRET = "<google_client_secret>",
GOOGLE_CALLBACKURL = "http://localhost:1425/auth/google/callback";
app.use(session({
maxAge: 86400000, // 24 hours
secret: 'no-one-will-find-out',
resave: true,
saveUninitialized: true
}));
var sess;
app.use(passport.initialize());
app.use(passport.session());
storage.initSync();
passport.use(new GoogleStrategy({
clientID: GOOGLE_CLIENT_ID,
clientSecret: GOOGLE_CLIENT_SECRET,
callbackURL: GOOGLE_CALLBACKURL
},
function(accessToken, refreshToken, profile, cb) {
return cb(null, profile);
}
));
passport.serializeUser( function(user, cb) {
cb(null, user);
});
passport.deserializeUser( function(obj, cb) {
cb(null, obj);
});
app.get('/login', function (req, res) {
var id = req.query_id;
if (id) {
var url = '/auth/google?id=' + id;
} else {
var url = '/auth/google';
}
res.render('landing', {url: url, layout: 'landing.hbs'});
});
app.get('/login_error', function (req, res) {
var url = '/auth/google';
res.render('landing', {url: url, error: 'show', layout: 'landing.hbs'});
});
app.get('/analysis', ensureAuthenticated, function (req, res) {
sess = req.session;
var email = res.req.user.email;
var domain = res.req.user._json.domain;
var img = res.req.user._json.image.url;
var id = req.query.id;
console.log(id);
sess.email = encodeURIComponent(email);
sess.domain = encodeURIComponent(domain);
if (domain == 'dropbox.com') {
if (id) {
res.render('index', { email: email, img: img, query: id });
} else {
res.render('index', { email: email, img: img, query: '' });
}
} else {
res.redirect('/login_error');
}
});
app.get('/auth/google', passport.authenticate('google', { scope: [
'https://www.googleapis.com/auth/plus.login',
'https://www.googleapis.com/auth/plus.profile.emails.read']
}));
app.get('/auth/google/callback',
passport.authenticate('google', {
failureRedirect: '/login_error'
}),
function(req, res) {
var id = req.query.id;
// Successful authentication, redirect home.
if (id) {
res.redirect('/analysis?id=' + id);
} else {
res.redirect('/analysis');
}
}
);
function ensureAuthenticated(req, res, next) {
var id = req.query.id;
sess = req.session;
if (req.isAuthenticated()) {
return next();
} else {
console.log('need to login');
if (id) {
res.redirect('/login?id=' + id);
} else {
res.redirect('/login');
}
}
}
我不确定,但我相信Google身份验证不会将您的“查询字符串”发送回给您。
因此,也许您可以将“ id”参数放入会话中:
在此处设置会话:
app.get('/auth/google', function(req, res, next) {
req.session.analysis_id = req.query.id;
next();
}, passport.authenticate('google', { scope: [
'https://www.googleapis.com/auth/plus.login',
'https://www.googleapis.com/auth/plus.profile.emails.read']
}));
在这里检索:
app.get('/auth/google/callback',
passport.authenticate('google', {
failureRedirect: '/login_error'
}),
function(req, res) {
var id = req.session.analysis_id;
// Successful authentication, redirect home.
if (id) {
res.redirect('/analysis?id=' + id);
} else {
res.redirect('/analysis');
}
}
);
你怎么看待这件事?
干杯!
| 归档时间: |
|
| 查看次数: |
1744 次 |
| 最近记录: |