Please support OAuth providers with @Authorized

[gruckion]

It would be nice to if we can get some nicer out of the box support or some examples of how to support OAuth providers.

OAuth providers are covered in passport.js who currently support 500+ providers known as strategies. But this would require us using @UseBefore(passport.authenticate(string)) and not the @Authorized() middleware.

The question:
What are your recommendations for using @Authorized() with third party OAuth providers like Facebook / Google?

[gruckion]

Any updates?

[DimaIT]

@gruckion, it can be implemented with next configuration:

import express from 'express';
import { Action, useExpressServer } from 'routing-controllers';

const app = express();

useExpressServer(app, {
  authorizationChecker: (action: Action) => new Promise<boolean>((resolve, reject) => {
    passport.authenticate('bearer', (err, user) => {
      if (err) {
        return reject(err);
      }
      if (!user) {
        return resolve(false);
      }
      action.request.user = user;
      return resolve(true);
    })(action.request, action.response, action.next);
  }),
  currentUserChecker: (action: Action) => action.request.user,
});

Then you'll be able to use both @Authorized() and @CurrentUser decorators.

However @UseBefore(passport.authenticate(string)) is not so bad as well.

[gruckion]

@gruckion, it can be implemented with next configuration:

import express from 'express';
import { Action, useExpressServer } from 'routing-controllers';

const app = express();

useExpressServer(app, {
  authorizationChecker: (action: Action) => new Promise<boolean>((resolve, reject) => {
    passport.authenticate('bearer', (err, user) => {
      if (err) {
        return reject(err);
      }
      if (!user) {
        return resolve(false);
      }
      action.request.user = user;
      return resolve(true);
    })(action.request, action.response, action.next);
  }),
  currentUserChecker: (action: Action) => action.request.user,
});

Then you'll be able to use both @Authorized() and @CurrentUser decorators.

However @UseBefore(passport.authenticate(string)) is not so bad as well.

Very nice @DimaIT, I will take a look at this soon and let you know what I end up with.

[github-actions]

Stale issue message

[github-actions]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.