I am creating a project using Deployd to help with my API, and a dpd passport for authentication.
It seems that I have all the authentication, with session keys for distribution and user authentication through Google, but I am having problems with my redirectURL s, as well as with the translation of the callback page that I am returning from.
I burst into the dpd-passport/index.js and I believe this is relevant information:
var sendResponse = function(ctx, err, config) { var sessionData = ctx.session.data; var returnUrl = (ctx.req.cookies && ctx.req.cookies.get('_passportReturnUrl')) || null; if(returnUrl) { var redirectURL = url.parse(returnUrl, true); // only append if not disabled if(!config.disableReturnParams) { // delete search so that query is used delete redirectURL.search; // make sure query is inited redirectURL.query = redirectURL.query || {}; if(err) { redirectURL.query.success = false; redirectURL.query.error = err; } else { // append user + session id to the redirect url redirectURL.query.success = true; if(!config.disableSessionId) { redirectURL.query.sid = sessionData.id; redirectURL.query.uid = sessionData.uid; } } } var redirectURLString = ''; try { redirectURLString = url.format(redirectURL); } catch(ex) { console.warn('An error happened while formatting the redirectURL', ex); } // redirect the user ctx.res.setHeader("Location", redirectURLString); ctx.res.statusCode = 302; ctx.done(null, 'This page has moved to ' + redirectURLString); } else { if(err) { ctx.res.statusCode = 401; console.error(err); return ctx.done('bad credentials'); } else { ctx.done(err, { path: sessionData.path, id: sessionData.id, uid: sessionData.uid }); } } };
After successful authentication, I am assigned returnUrl of:
http://localhost:3000/auth/google/callback?code=4/l4o-H2F4QKJ5tdKbVbGfWygTGRvhHgr9zrHWImFFKdM#
with body:
{"path":"/users","id":"d03c0faccfe41134c193266afef979c5af33adf935aeff45844b0f9473dee4ab1fbd1114240e13ea9a542785da3845cfec984e3a5b8cb188d6c595b6fc39a726","uid":"747f97a9bcfa9811"}
which seems to me similar to my results, falls into the final else in the very top block of code.
If so, then my returnUrl is NULL .
Tracking the returnUrl code in the dpd-passport file, it looks like it should capture this from the cookies in the following snippet:
if(ctx.query.redirectURL && this.config.allowedRedirectURLs) { try { this.regEx = this.regEx || new RegExp(this.config.allowedRedirectURLs, 'i'); if(ctx.query.redirectURL.match(this.regEx)) { // save this info into the users session, so that we can access it later (even if the user was redirected to facebook) if (ctx.res.cookies) ctx.res.cookies.set('_passportReturnUrl', ctx.query.redirectURL); } else { debug(ctx.query.redirectURL, 'did not match', this.config.allowedRedirectURLs); } } catch(ex) { debug('Error parsing RedirectURL Regex!', ex); } }
To add to this, I have allowedRedirectUrls in config like:
^http:
I am at a loss and hope that there is something obvious that I am missing.
I saw passport routes and authentication strategies similar to the following, but failed to implement this in the dpd passport:
app.get('/auth/google/callback', passport.authenticate('google', { failureRedirect: '/login' }), function(req, res) {
To add everything to this, I use ui-router / AngularJS.