How to save node-dbox token between page updates in NodeJS / Express

I am trying to build a small application using NodeJS, node-dbox and Express. Authorizing with Dropbox is a three-step process: first you need to get a request_token, then the user visits the Dropbox page to authorize it, and only then can you request an access_token based on the request_token and the fact that the user has authorized the request.

However, by the time I have served the page for steps 1 and 2 (getting the request_token and providing the user with a URL), the request_token instance has disappeared, so in step 3 I can't request the access_token, because that requires the request_token.

I am trying to store request_token in a cookie, but given that it contains sensitive data, sending it to a client might not be such a good idea. Any ideas?

The simplified code is given below:

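 // Small Express app that walks a user through the three-step Dropbox OAuth
 // flow: "/" obtains a request token and shows the authorize link, "/next"
 // exchanges that request token for an access token and shows the account info.
 (function() {
   var dbox = require('dbox'),
       config = require('easy-config'),
       express = require('express'),
       dboxApp = dbox.app(config.dropbox_credentials),
       app = express();

   app.use(express.cookieParser());

   // Read the request_token cookie. Returns the parsed object, or null when the
   // cookie is absent, is not valid JSON, or does not hold an object. The cookie
   // is client-controlled, so a parse failure is an expected case, not an error.
   function readRequestToken(req) {
     var raw = req.cookies && req.cookies.request_token;
     var parsed;
     if (!raw) {
       return null;
     }
     try {
       parsed = JSON.parse(raw);
     } catch (e) {
       return null;
     }
     return (parsed !== null && typeof parsed === 'object') ? parsed : null;
   }

   // Step 1 + 2: get a request token and hand the user the authorize URL.
   app.get('/', function(req, res) {
     dboxApp.requesttoken(function(status, request_token) {
       // dbox passes the HTTP status of the Dropbox call first;
       // presumably 200 means success, confirm against the dbox docs.
       if (status !== 200 || !request_token) {
         res.status(502).send('could not obtain a request token from Dropbox');
         return;
       }
       // NOTE(review): this sends the whole request token object to the browser.
       // It contains sensitive data (the token secret, as far as the dbox docs
       // show), so a server-side session is the safer place for it; the cookie
       // only carries a session id then. httpOnly at least keeps page scripts
       // from reading it; add `secure: true` once the app is served over HTTPS.
       res.cookie('request_token', JSON.stringify(request_token), { httpOnly: true });
       res.send("<a href='" + request_token.authorize_url + "' target='_new'>authorize via dropbox</a><br/>" +
                "<a href='/next'>next</a>");
     });
   });

   // Step 3: exchange the (now authorized) request token for an access token.
   app.get('/next', function(req, res) {
     var request_token = readRequestToken(req);
     if (!request_token) {
       res.send('sorry :(');
       return;
     }
     dboxApp.accesstoken(request_token, function(status, access_token) {
       if (status !== 200 || !access_token) {
         res.status(502).send('could not obtain an access token from Dropbox');
         return;
       }
       // The request token is single-use; do not leave it in the browser.
       res.clearCookie('request_token');
       var client = dboxApp.client(access_token);
       client.account(function(status, reply) {
         res.send(reply);
       });
     });
   });

   app.listen(3000);
 })();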

Bonus question: the client is created using the access_token, so either the client instance or the access_token has to be kept across page requests as well. Which approach works best?

1 answer

I managed to get it to work by doing the following:

According to the link to Dropbox Developer, you can specify the callback URL by specifying it along with the request, as indicated here:

https://www.dropbox.com/developers/blog/20

 https://www.dropbox.com/1/oauth/authorize?oauth_token=<request-token>&oauth_callback=<callback-url> 

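By storing the request token in the session and redirecting to the authorize URL with a callback URL, you can read the request token back when the callback arrives and be on your way. With a server-side session store only the session ID is sent to the browser, so the token itself never leaves the server (a cookie-based session store would still ship it to the client). A pair of Express route handlers that take a member identifier as a route parameter, one for the request and one for the subsequent response, might look like this: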

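  /**
   * Starts the Dropbox OAuth flow for the member named in the route.
   * Obtains a request token, keeps it (and the member id it was issued for)
   * in the session, and redirects the browser to Dropbox's authorize page
   * with a callback that points at linkSuccess.
   *
   * NOTE(review): nothing visible here checks that the logged-in user is
   * allowed to link an account for req.params.memberId; confirm that an
   * earlier middleware does.
   */
  linkAccount: function(req, res) {
    var memberId = req.params.memberId,
        // Placeholders: load the real key/secret from configuration or the
        // environment rather than committing them to source.
        appKey = 'MYAPPKEY',
        appSecret = 'MYAPPSECRET',
        dbox = require('dbox'),
        dboxApp = dbox.app({ "app_key": appKey, "app_secret": appSecret });

    dboxApp.requesttoken(function(status, request_token) {
      // presumably 200 means success; confirm against the dbox docs
      if (status !== 200 || !request_token) {
        res.status(502).send('could not obtain a request token from Dropbox');
        return;
      }

      // Only the request token and the member it belongs to go into the
      // session. The dbox app object is rebuilt in linkSuccess, so there is
      // no reason to persist it (and the app secret with it) per session.
      // The token is deliberately not logged: it is a credential.
      req.session.dboxStore = {
        request_token: request_token,
        memberId: memberId
      };

      // Encode every dynamic part so a crafted memberId cannot add or
      // override query parameters on the authorize URL.
      // NOTE(review): the callback host is a placeholder; use HTTPS in production.
      var callbackUrl = 'http://myhost.local/linksuccess/dropbox/' + encodeURIComponent(memberId);
      res.redirect('https://www.dropbox.com/1/oauth/authorize?oauth_token=' +
                   encodeURIComponent(request_token.oauth_token) +
                   '&oauth_callback=' + encodeURIComponent(callbackUrl));
    });
  },

  /**
   * OAuth callback: exchanges the request token kept in the session for an
   * access token and stores it for the member via Member.setAuthToken.
   * Responds with 400 when the session holds no pending authorization, 403
   * when the member id in the URL is not the one the flow was started for,
   * 502 when Dropbox refuses the exchange and 500 when saving fails.
   */
  linkSuccess: function(req, res) {
    var memberId = req.params.memberId;
    var appKey = 'MYAPPKEY';
    var appSecret = 'MYAPPSECRET';
    var dbox = require('dbox');
    var dboxApp = dbox.app({ "app_key": appKey, "app_secret": appSecret });

    // The callback URL can be requested directly, so the session may hold
    // nothing at all.
    var store = req.session && req.session.dboxStore;
    if (!store || !store.request_token) {
      res.status(400).send('no pending Dropbox authorization for this session');
      return;
    }

    // The member id arrives in the URL and is therefore caller-controlled;
    // it must match the member this session started the flow for, otherwise
    // the access token could be attached to someone else's record.
    if (String(store.memberId) !== String(memberId)) {
      res.status(403).send('member does not match the pending Dropbox authorization');
      return;
    }

    var request_token = store.request_token;
    // Request tokens are single-use; drop it so the callback cannot be replayed.
    delete req.session.dboxStore;

    dboxApp.accesstoken(request_token, function(status, access_token) {
      if (status !== 200 || !access_token) {
        res.status(502).send('could not obtain an access token from Dropbox');
        return;
      }
      // The access token is a long-lived credential: store it, never log it.
      Member.setAuthToken(memberId, 'dropbox', access_token, function(err, member) {
        if (err) {
          res.status(500).send('could not save the Dropbox authorization');
          return;
        }
        res.render('index', { title:'SUCCESSFUL DROPBOX AUTH' });
      });
    });
  }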
