通过Passport OAuthstream传递URL参数
我目前使用优秀的Passport框架在node.js中实现了Google OAuth2,但是我发现很难通过工作stream中的URL参数。
我想要做的例子,将是像/analysis?id=1234 ,然后能够加载该具体的分析。
一旦你已经通过身份validation并且会话还没有过期,它就起作用,但是当你还没有通过身份validation的时候它还不能正常工作。 我正在努力将其传递给我认为的callbackURL。 任何指导将不胜感激!
这是我到目前为止(只有相关的代码)
var session = require('express-session'); var storage = require('node-persist'); var passport = require('passport'); var GoogleStrategy = require('passport-google-oauth2').Strategy; var GOOGLE_CLIENT_ID = "<google_client_id>" , GOOGLE_CLIENT_SECRET = "<google_client_secret>", GOOGLE_CALLBACKURL = "http://localhost:1425/auth/google/callback"; app.use(session({ maxAge: 86400000, // 24 hours secret: 'no-one-will-find-out', resave: true, saveUninitialized: true })); var sess; app.use(passport.initialize()); app.use(passport.session()); storage.initSync(); passport.use(new GoogleStrategy({ clientID: GOOGLE_CLIENT_ID, clientSecret: GOOGLE_CLIENT_SECRET, callbackURL: GOOGLE_CALLBACKURL }, function(accessToken, refreshToken, profile, cb) { return cb(null, profile); } )); passport.serializeUser( function(user, cb) { cb(null, user); }); passport.deserializeUser( function(obj, cb) { cb(null, obj); }); app.get('/login', function (req, res) { var id = req.query_id; if (id) { var url = '/auth/google?id=' + id; } else { var url = '/auth/google'; } res.render('landing', {url: url, layout: 'landing.hbs'}); }); app.get('/login_error', function (req, res) { var url = '/auth/google'; res.render('landing', {url: url, error: 'show', layout: 'landing.hbs'}); }); app.get('/analysis', ensureAuthenticated, function (req, res) { sess = req.session; var email = res.req.user.email; var domain = res.req.user._json.domain; var img = res.req.user._json.image.url; var id = req.query.id; console.log(id); sess.email = encodeURIComponent(email); sess.domain = encodeURIComponent(domain); if (domain == 'dropbox.com') { if (id) { res.render('index', { email: email, img: img, query: id }); } else { res.render('index', { email: email, img: img, query: '' }); } } else { res.redirect('/login_error'); } }); app.get('/auth/google', passport.authenticate('google', { scope: [ 'https://www.googleapis.com/auth/plus.login', 'https://www.googleapis.com/auth/plus.profile.emails.read'] })); app.get('/auth/google/callback', passport.authenticate('google', { failureRedirect: '/login_error' }), function(req, res) { var id = req.query.id; // Successful authentication, redirect home. if (id) { res.redirect('/analysis?id=' + id); } else { res.redirect('/analysis'); } } ); function ensureAuthenticated(req, res, next) { var id = req.query.id; sess = req.session; if (req.isAuthenticated()) { return next(); } else { console.log('need to login'); if (id) { res.redirect('/login?id=' + id); } else { res.redirect('/login'); } } }
我不确定,但我相信谷歌身份validation不会将您的“查询string”发回给您。
所以,也许,你可以把你的“ID”参数在会议中:
在这里设置会话:
app.get('/auth/google', function(req, res, next) { req.session.analysis_id = req.query.id; next(); }, passport.authenticate('google', { scope: [ 'https://www.googleapis.com/auth/plus.login', 'https://www.googleapis.com/auth/plus.profile.emails.read'] }));
在这里检索:
app.get('/auth/google/callback', passport.authenticate('google', { failureRedirect: '/login_error' }), function(req, res) { var id = req.session.analysis_id; // Successful authentication, redirect home. if (id) { res.redirect('/analysis?id=' + id); } else { res.redirect('/analysis'); } } );
你怎么看待这件事?
干杯!