
NodeJs と、認証用の PassportJs を使用して RESTful API を開発しています。セッションを回避する (ステートレスにする) ために、ベアラー トークン (passport-http-bearer) を使用してユーザーを認証します (クライアント側: AngularJs)。

However, I have an issue when I want to link a Facebook account with a Google one. Creating separate accounts is easy, but I don't know how to link them to a single user (I think one way is to propagate the token across the remote API).

Here is my code for passport strategies :

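/**
 * Bearer-token strategy: authenticates an API request from the JWT it carries.
 *
 * The token is verified with parameters.secret, then the user named by the
 * payload (userid + username) is looked up. Passport receives:
 *   - done(err)                        when the user lookup itself fails,
 *   - done(null, false)                when the token is not valid or no user matches,
 *   - done(null, user, {scope: 'all'}) on success.
 */
passport.use('bearer-login', new BearerStrategy({ passReqToCallback: true },
    function(req, token, done) {
        process.nextTick(function() {
            // Pin the accepted signature algorithm instead of trusting the token header.
            // HS256 is what jwt.sign produces by default for a shared secret; adjust this
            // list if tokens are signed with another algorithm.
            jwt.verify(token, parameters.secret, { algorithms: ['HS256'] }, function(verifyErr, decodedToken){
                // A malformed, tampered or expired token is a failed authentication,
                // not a server error: report "no user" so the client is rejected
                // as unauthenticated instead of the error reaching the error handler.
                if (verifyErr) return done(null, false);
                User.findOne({
                    _id: decodedToken.userid,
                    usernameCanonical: decodedToken.username
                }, function(lookupErr, user) {
                    if (lookupErr) return done(lookupErr);
                    if (!user) return done(null, false);
                    return done(null, user, {
                        scope: 'all'
                    });
                });
            });
        });
    }
));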

/**
 * GitHub OAuth strategy: maps a GitHub profile onto a local User.
 *
 * Looks the user up by 'github.id'. An unknown profile creates a new User; a known
 * user with no stored GitHub token gets the fresh access token saved; a known user
 * that already has a token is returned unchanged.
 *
 * NOTE(review): req is passed in (passReqToCallback) but never read, so this callback
 * cannot attach the GitHub identity to a user who is already authenticated.
 * NOTE(review): the GitHub access token is stored on the user document exactly as
 * received — confirm it is protected at rest and never returned by the API.
 */
passport.use('github-login', new GithubStrategy({
    clientID: parameters.github.clientId,
    clientSecret: parameters.github.clientSecret,
    callbackURL: parameters.github.callback,
    passReqToCallback: true
  },
  function(req, accessToken, refreshToken, profile, done) {
    // Persist the document, then hand it to Passport as the authenticated user.
    function saveAndFinish(doc) {
        doc.save(function(saveErr){
            if (saveErr) return done(saveErr);
            return done(null, doc);
        });
    }

    User.findOne({ 'github.id': profile.id }, function (findErr, existing) {
        if (findErr) return done(findErr);

        // First login with this GitHub profile: create the local account.
        if (!existing) {
            return saveAndFinish(new User({'github.id':profile.id, 'github.token':accessToken, 'github.name': profile.name}));
        }

        // A token is already on record: leave the stored user untouched.
        if (existing.github.token) return done(null, existing);

        // Known user without a token: store the one GitHub just issued.
        existing.github.token = accessToken;
        return saveAndFinish(existing);
    });
  }
));

And here are my auth routes:

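// Starts the GitHub OAuth flow; passport.authenticate handles this request.
router.route('/auth/github/login').get(passport.authenticate('github-login', {session: false}));

// GitHub redirects back here. On success the handler issues the API's own JWT and
// sends the browser back to the front end with that token; on failure Passport
// redirects to the login page.
router.route('/auth/github/callback')
    .get(passport.authenticate('github-login', { session: false, failureRedirect: 'http://localhost:8080/login' }),
        function(req, res, next){

            // NOTE(review): the GitHub strategy creates users with only github.* fields,
            // so usernameCanonical may be undefined here — confirm against the User schema.
            var token = jwt.sign({
                userid: req.user._id,
                username: req.user.usernameCanonical
            }, parameters.secret, {
                algorithm: 'HS256',
                // Give the token a bounded lifetime so a leaked copy stops working;
                // jwt.verify rejects it once expired. Tune '1h' to the session policy.
                expiresIn: '1h'
            });

            // NOTE(review): the token travels in the query string, so it ends up in
            // browser history, Referer headers and proxy/access logs. Handing it over
            // in the URL fragment or via a short-lived one-time code would limit that,
            // but the client has to be changed in step.
            res.writeHead(302, {
            'Location': 'http://localhost:8080/categories?token=' + token
            });
            return res.end();

        });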



// Returns the username of the caller identified by the bearer token.
// The bearer-login strategy runs first, so req.user is set when the handler executes.
router.route('/auth/current').get(
    passport.authenticate('bearer-login', {session: false}),
    function(request, response){
        var body = {username: request.user.username};
        return response.send(body);
    }
);

Do you have an idea how to proceed ?

Thank you.
