Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Document how to return newly authenticated to originally requested resource #7

Closed
mkoistinen opened this issue May 18, 2012 · 1 comment
Closed

Document how to return newly authenticated to originally requested resource #7

mkoistinen opened this issue May 18, 2012 · 1 comment

Comments

@mkoistinen
Copy link

Greetings,

I've been trying to get passport to authenticate a user via Twitter, but return them to the protected resource that triggered the authentication request in the first place. I'm failing to make this work, sadly. It would be very useful if some of the documentation would make it clear how to achieve this. I'll even volunteer to update the documentation if someone could tell me how this is done.

Thanks.
@mkoistinen
Copy link
Author

Greetings, I've figured this out. Basically, the approach is this:

Assuming you have defined the route for the callback from the authentication service like so (from the docs):

app.get('/auth/twitter/callback',
  passport.authenticate('twitter', {
      successRedirect: authenticationRedirect(req, '/account')
    , failureRedirect: '/'
  })
);

Just change that block to this:

app.get('/auth/twitter/callback', function(req, res, next){
  passport.authenticate('twitter', function(err, user, info){
    var redirectUrl = '/account'; // This is the default destination upon successful login.

    if (err) { return next(err); }
    if (!user) { return res.redirect('/'); }

    // If we have previously stored a redirectUrl, use that, otherwise, use the default.
    if (req.session.redirectUrl) {
      redirectUrl = req.session.redirectUrl;
      req.session.redirectUrl = null;
    }
    req.logIn(user, function(err){
      if (err) { return next(err); }
    });
    res.redirect(redirectUrl);
  })(req, res, next);
});

Now, define your middleware for authenticated routes to store the original URL in the session like this:

ensureAuthenticated = function (req, res, next) {
  if (req.isAuthenticated()) { return next(); }

  // If the user is not authenticated, then we will start the authentication
  // process.  Before we do, let's store this originally requested URL in the
  // session so we know where to return the user later.

  req.session.redirectUrl = req.url;

  // Resume normal authentication...

  logger.info('User is not authenticated.');
  req.flash("warn", "You must be logged-in to do that.");
  res.redirect('/');
}

Works!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mkoistinen