Skip to main content

Sample passport Express dùng strategy Github

Image
By
Link tut: https://gist.github.com/jokecamp/65604d50227b8ea8e0d3

Đầu tiên càn tạo Github apps:
Vô Setting (profile j đó) > Github Apps (tab bên trái dưới) > new app. điền đúng thông tin redirect URL, callback (ai làm Facebook OAuth, Google 0Auth thì rõ).

Code demo:
package.json:


{
  "name": "securehelloworld",
  "version": "1.0.0",
  "description": "",
  "main": "server.js",
  "scripts": {
    "test": "echo \"Error: no test specified\" && exit 1"
  },
  "author": "",
  "license": "ISC",
  "dependencies": {
    "express": "^4.13.3",
    "express-session": "^1.11.3",
    "passport": "^0.3.0",
    "passport-github": "^1.0.0"
  }
}


  1 var express = require('express');
  2 var app = express();
  3 var passport = require('passport');
  4 var GithubStrategy = require('passport-github').Strategy;
  5 
  6 passport.use(new GithubStrategy({
  7     clientID: "Iv1.fac1ddc6afb44e13",
  8     clientSecret: "b2bcc3c00dcc672cf377baa08ff53f6be",
  9     callbackURL: "http://localhost:30000/auth/github/callback"
 10   },
 11   function(accessToken, refreshToken, profile, done) {
 12     // placeholder for translating profile into your own custom user object.
 13     // for now we will just use the profile object returned by GitHub
 14     return done(null, profile);
 15   }
 16 ));
 17 
 18 // Express and Passport Session
 19 var session = require('express-session');
 20 app.use(session({secret: "davzk#1234"}));
 21 app.use(passport.initialize());
 22 app.use(passport.session());
 23 
 24 passport.serializeUser(function(user, done) {
 25   // placeholder for custom user serialization
 26   // null is for errors
 27   done(null, user);
 28 });
 29 
 30 passport.deserializeUser(function(user, done) {
 31   // placeholder for custom user deserialization.
 32   // maybe you are getoing to get the user from mongo by id?
 33   // null is for errors
 34   done(null, user);
 35 });
 36 
 37 // we will call this to start the GitHub Login process
 38 app.get('/auth/github', passport.authenticate('github'));
 39 
 40 // GitHub will call this URL
 41 app.get('/auth/github/callback',
 42   passport.authenticate('github', { failureRedirect: '/' }),
 43   function(req, res) {
 44     res.redirect('/');
 45   });
 46 
 47 app.get('/', function (req, res) {
    var html = "
";
 52 
 53   // dump the user for debugging
 54   if (req.isAuthenticated()) {
 55     html += "authenticated as user:

"
 56     html += "
" + JSON.stringify(req.user, null, 4) + "

";
 57   }
 58 
 59   res.send(html);
 60 });
 61 
 62 app.get('/logout', function(req, res){
 63   console.log('logging out');
 64   req.logout();
 65   res.redirect('/');
 66 });
 67 
 68 // Simple route middleware to ensure user is authenticated.
 69 //  Use this route middleware on any resource that needs to be protected.  If
 70 //  the request is authenticated (typically via a persistent login session),
 71 //  the request will proceed.  Otherwise, the user will be redirected to the
 72 //  login page.
 73 function ensureAuthenticated(req, res, next) {
 74   if (req.isAuthenticated()) { return next(); }
 75   res.redirect('/')
 76 }
 77 
 78 app.get('/protected', ensureAuthenticated, function(req, res) {
 79   res.send("acess granted");
 80 });
 81 
 82 
 83 
 84 var server = app.listen(30000, function () {
 85   //console.log('Example app listening at http://localhost:3000',
 86   console.log('Example app listening at http://%s:%s',
 87     //server.address().address, server.address().port);
 88     "localhost", 3000);
 89 });














































Comments











Post a Comment



















Popular posts from this blog




















Rand mm 10












By
























https://stackoverflow.com/questions/2447791/define-vs-const  Oh const vs define, many time I got unexpected interview question. As this one, I do not know much or try to study this. My work flow, and I believe of many programmer is that search topic only when we have task or job to tackle. We ignore many 'basic', 'fundamental' documents, RTFM is boring.  So I think it is a trade off between the two way of study language.  And I think there are a bridge or balanced way to extract both advantage of two method.  There are some huge issue with programmer like me that prevent we master some technique that take only little time if doing properly. For example, some Red Hat certificate program, lesson, course that I have learned during Collage gave our exceptional useful when it cover almost all topic while working with Linux. I remember it called something like RHEL (RedHat Enterprise Linux) Certificate...  I think there are many tons of documents, guide n books about Linux bu




















Post a Comment









Read more






























Martin Fowler - Software Architecture - Making Architecture matter












By
























  https://martinfowler.com/architecture/ One can appreciate the point of this presentation when one's sense of code smell is trained, functional and utilized. Those controlling the budget as well as developer leads should understand the design stamina hypothesis, so that the appropriate focus and priority is given to internal quality - otherwise pay a high price soon. Andrew Farrell 8 months ago I love that he was able to give an important lesson on the “How?” of software architecture at the very end: delegate decisions to those with the time to focus on them. Very nice and straight-forward talk about the value of software architecture For me, architecture is the distribution of complexity in a system. And also, how subsystems communicate with each other. A battle between craftmanship and the economics and economics always win... https://hackernoon.com/applying-clean-architecture-on-web-application-with-modular-pattern-7b11f1b89011 1. Independent of Frameworks 2. Testable 3. Indepe




















Post a Comment









Read more