
Why passport-twitter requires session support


I'm working on Facebook, Google, GitHub, and Twitter authentication with Passport. Authentication with Facebook, Google, and GitHub works as the tutorial describes. Only Twitter gives me this message:

500 Internal Server Error: OAuth authentication requires session support. Did you forget to use express-session middleware?

Then I added the express-session middleware (see below) and my problem went away.

import * as expressSession from "express-session";

app.use(expressSession({
    secret: strategyOptions.session.secret,
    resave: false,
    saveUninitialized: true
}));

So I have 3 questions:

  1. Why does Twitter authentication require session support?
  2. I had guessed that only my backend and frontend know about the session. How does Twitter know about my session?
  3. Why don't Google, Facebook, and GitHub need session support?

Solution

  1) Why does Twitter authentication require session support?

    • Twitter authentication needs a requestTokenStore to store the token before the exchange. By default it is SessionRequestTokenStore from passport-oauth1.

  2) I had guessed that only my backend and frontend know about the session. How does Twitter know about my session?

    • Twitter authentication is a middleware that runs in your backend, so it knows about your session.

  3) Why don't Google, Facebook, and GitHub need session support?

    • Google, Facebook, and GitHub use passport-oauth2, which doesn't need a requestTokenStore (session).
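
An added example (not code from the answer or from passport-oauth1) of the server-side state the first point describes: in OAuth 1.0a the request token secret obtained before the redirect has to be available again when the browser returns to the callback. `SessionTokenStore`, the `oauth:twitter` key, and the token values are assumptions constructed for this example.

```javascript
// Simplified model of a session-backed OAuth 1.0a request-token store.
// SessionTokenStore, the "oauth:twitter" key and all token values are
// constructed for this example; this is not passport-oauth1's source.
const NO_SESSION = "OAuth authentication requires session support.";

class SessionTokenStore {
  constructor(key = "oauth:twitter") { this.key = key; }

  // Before the redirect: remember the request token and its secret.
  set(req, token, tokenSecret) {
    if (!req.session) throw new Error(NO_SESSION);
    req.session[this.key] = { token, tokenSecret };
  }

  // On the callback: release the secret only for the token this browser
  // session started the flow with.
  get(req, token) {
    if (!req.session) throw new Error(NO_SESSION);
    const saved = req.session[this.key];
    if (!saved || saved.token !== token) return null; // refuse the exchange
    return saved.tokenSecret;
  }

  // After the exchange: request tokens are single-use, so drop the entry.
  destroy(req) {
    if (req.session) delete req.session[this.key];
  }
}

// Walk-through with plain objects standing in for Express requests.
function demo() {
  const store = new SessionTokenStore();
  const session = {}; // what express-session would attach as req.session
  store.set({ session }, "req-token-1", "req-secret-1");
  const secret = store.get({ session }, "req-token-1");
  const mismatched = store.get({ session }, "other-token");
  store.destroy({ session });
  const afterDestroy = store.get({ session }, "req-token-1");
  let noSession = null;
  try { store.set({}, "t", "s"); } catch (e) { noSession = e.message; }
  return { secret, mismatched, afterDestroy, noSession };
}

console.log(demo());
```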