node.jsexpresspassport.jsfacebook-authenticationpassport-facebook
Facebook authentication with Passport JS using Node fails
I have an issue with Facebook Strategy failing after successfully logging into Facebook. I'm using Passport Local and Passport Facebook, but independent of each other, here are the code what I have shared.
passport.use(new FacebookStrategy({
clientID: 'XYZId',
clientSecret: 'XYZSecret',
callbackURL: "/auth/facebook/callback"
},
function(accessToken, refreshToken, profile, done) {
console.log(profile);
userDetails = profile;
return done();
}
));
app.get('/auth/facebook', passport.authenticate('facebook'));
app.get('/auth/facebook/callback',
passport.authenticate('facebook', {
failureRedirect: '/login' }),
function(req, res) {
console.log("req");
console.log(userDetails);
console.log("End of Req");
res.redirect('/');
});
Is there anything wrong in this code? Also, for local strategy I have modified a bit which is working perfectly fine.
// config/passport.js
// load all the things we need
var LocalStrategy = require('passport-local').Strategy;
// load up the user model
var mysql = require('mysql');
var bcrypt = require('bcrypt-nodejs');
var dbconfig = require('./database');
var connection = mysql.createConnection(dbconfig.connection);
connection.query('USE ' + dbconfig.database);
// expose this function to our app using module.exports
module.exports = function(passport) {
// =========================================================================
// passport session setup ==================================================
// =========================================================================
// required for persistent login sessions
// passport needs ability to serialize and unserialize users out of session
// used to serialize the user for the session
passport.serializeUser(function(user, done) {
done(null, user.id);
});
// used to deserialize the user
passport.deserializeUser(function(id, done) {
connection.query("SELECT * FROM users WHERE id = ? ",[id], function(err, rows){
done(err, rows[0]);
});
});
// =========================================================================
// LOCAL SIGNUP ============================================================
// =========================================================================
// we are using named strategies since we have one for login and one for signup
// by default, if there was no name, it would just be called 'local'
passport.use(
'local-signup',
new LocalStrategy({
// by default, local strategy uses username and password, we will override with email
usernameField : 'username',
passwordField : 'password',
passReqToCallback : true // allows us to pass back the entire request to the callback
},
function(req, username, password, done) {
// find a user whose email is the same as the forms email
// we are checking to see if the user trying to login already exists
connection.query("SELECT * FROM users WHERE username = ?",[username], function(err, rows) {
if (err)
return done(err);
if (rows.length) {
return done(null, false, req.flash('signupMessage', 'That username is already taken.'));
} else {
// if there is no user with that username
// create the user
console.log(req.body);
var newUserMysql = {
uname: req.body.uname,
username: username,
userphone: req.body.userphone,
password: bcrypt.hashSync(password, null, null) // use the generateHash function in our user model
};
var insertQuery = "INSERT INTO users ( uname, username, password, userphone ) values (?,?,?,?)";
console.log(insertQuery);
connection.query(insertQuery,[newUserMysql.uname, newUserMysql.username, newUserMysql.password, newUserMysql.userphone],function(err, rows) {
newUserMysql.id = rows.insertId;
return done(null, newUserMysql);
});
}
});
})
);
// =========================================================================
// LOCAL LOGIN =============================================================
// =========================================================================
// we are using named strategies since we have one for login and one for signup
// by default, if there was no name, it would just be called 'local'
passport.use(
'local-login',
new LocalStrategy({
// by default, local strategy uses username and password, we will override with email
usernameField : 'username',
passwordField : 'password',
passReqToCallback : true // allows us to pass back the entire request to the callback
},
function(req, username, password, done) { // callback with email and password from our form
connection.query("SELECT * FROM users WHERE username = ?",[username], function(err, rows){
if (err)
return done(err);
if (!rows.length) {
return done(null, false, req.flash('loginMessage', 'No user found.')); // req.flash is the way to set flashdata using connect-flash
}
// if the user is found but the password is wrong
if (!bcrypt.compareSync(password, rows[0].password))
return done(null, false, req.flash('loginMessage', 'Oops! Wrong password.')); // create the loginMessage and save it to session as flashdata
// all is well, return successful user
return done(null, rows[0]);
});
})
);
};
Console Log :
Solution
You didn't store authorized facebook user in session. You just call function done() without parameters in the implementation of FacebookStrategy. First, you should store fb user in your database or select if exist then call function done (receives first param as error, second as user object). here's docs
- Switch node_modules folder when I change git branch
- How to merge multiple API calls into one call in REST API
- How to pass my createReadStream of an image file into a HTTP Post Request Body?
- PHP encrypt and decrypt in node JS
- Returning a Promise from "describe" is not supported. Tests must be defined synchronously
- Can you check if an npm version number is valid before running npm publish?
- React.js passing one components variables to another component and vice-versa
- React Audio Player Change current time of Audio
- How to detect and measure event loop blocking in node.js?
- Nestjs/TypeORM - How to implement custom search by column
- How to extend TypeORM repository in NestJS 9 (TypeORM 3.+)
- Sequilize query is returning only one row while using include
- Get an element when changes classname in Puppteer JS with the waitForSelector method
- Scraping nba.com page with puppeteer
- How to scrape multiple pages with puppeteer
- page.evaluate Vs. Puppeteer $ methods
- Puppeteer page.evaluate querySelectorAll return empty objects
- Navigation Timeout Exceeded scraping table in Puppeteer
- Unable to verify leaf signature
- How to create a directory if it doesn't exist using Node.js
- Is it good to use Promise this way?
- How to bulk insert into SQL using MySQL2?
- Can't connect to nodejs server
- SQL syntax error when trying to create a new table using TypeORM
- Class validator: Use class member as decorator argument
- Using next() and res.send .Cannot set headers after they are sent to the client. Error [ERR_HTTP_HEADERS_SENT]:
- How to mock a import?
- Error: querySrv ENOTFOUND _mongodb._tcp.dbname.fzofb.mongodb.net
- Why does Sequelize pluralize / singularize names of anything all? And how to stop that completely?
- How do I do Secure Remote Password (SRP) based sign in with Amazon Cognito in JavaScript?