Search code examples
javascriptnode.jspassport.jsgoogle-signinpassport-google-oauth

req.user is undefined after logging in with google-passport-oauth

After I successfully log in using a Google account, in the callback request, req.user is set to the right user and req.isAuthenticated() is true. Great!

However, any subsequent request will have req.user as undefined. No matter what I do.

The problem occurs with both passport-google-auth2 and passport-google-auth.

This is how my index.js looks like:

app.set('views', './src/express/views');
app.set('view engine', 'jsx');
app.engine('jsx', expressReactViews.createEngine({ beautify: true }));

app.use(express.static('./dist'));
app.use(cookieParser());
app.use(bodyParser.json());
app.use( bodyParser.urlencoded({
    extended: true
}));
app.use(session({
    secret: 'keyboard cat',
    proxy: true,
    resave: true,
    saveUninitialized: true,
    cookie: { secure: true }
}));
app.use(passport.initialize());
app.use(passport.session());

passport.serializeUser(function(user, done) {
    // user is passed here correctly
    done(null, user.id);
});
passport.deserializeUser(function(userId, done) {
    db.connect(function(error, connection) {
        if(error) {
            done(error);
        }
        else {
            users.find(connection, userId, function (user) {
                connection.close();
                // user is populated here, don't worry :)
                done(null, user);
            });
        }
    });
});

passport.use(googleStrategy);

And this is how googleStrategy looks like:

module.exports = new GoogleStrategy(
    {
        clientID: '[FAKE]',
        clientSecret: '[FAKE]',
        callbackURL: 'http://localhost:3000/auth/google/callback'
    },
    function(accessToken, refreshToken, profile, done) {
        db.connect((error, connection) => {
            if(error) {
                done(error);
            }
            else {
                users.findOrCreateFromGoogleProfile(connection, profile, (error, user) => {
                    connection.close();
                    done(error, user);
                });
            }
        });
    }
);

This is how my auth router looks like:

router.route('/google/callback').get(passport.authenticate('google', {
    failureRedirect: '/error'
}), function(req, res) {
    // here everything works. req.user is correctly set and req.isAuthenticated() is true
    res.redirect('/index');
});

router.route('/google').get(passport.authenticate('google', {
    scope: ['https://www.googleapis.com/auth/userinfo.profile',
    'https://www.googleapis.com/auth/userinfo.email']
}));

module.exports = router;

Am I doing anything wrong?

Solution

  • I wish I could comment instead of directly answer this question.

    Can you try running this instead?

    router.route('/google/callback').get(passport.authenticate('google', {
    failureRedirect: '/error'
}), function(req, res) {
    // here everything works. req.user is correctly set and req.isAuthenticated() is true

    req.session.save(function(err) {

        res.redirect('/index');
    });
});

    Since everything seems to work until after the redirect, this might fix the issue.