I use passport-facebook to log in to my MEAN-stack web app. After a successful login, I want to create a JSON Web Token (JWT) and redirect to a page in my SPA (`res.redirect('/#/posts/' + doc.generateJWT())` - see the corresponding code below).
My question is: How do I send a JWT to a redirect page without showing it in the URL?
code:
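// Passport session hooks: the user object is passed through unchanged in both
// directions. The callback route below authenticates with { session: false }.
passport.serializeUser(function (user, done) {
  done(null, user);
});

passport.deserializeUser(function (obj, done) {
  done(null, obj);
});

// Facebook strategy: look the user up by Facebook profile id and create the
// record on first login. The resulting document is handed to Passport through
// done(), which exposes it to the route handler as req.user.
passport.use(new FacebookStrategy({
  clientID: FACEBOOK_APP_ID,
  clientSecret: FACEBOOK_APP_SECRET,
  callbackURL: FACEBOOK_CALLBACKURL
}, function (accessToken, refreshToken, profile, done) {
  process.nextTick(function () {
    User.findOne({ 'fbid': profile.id }, function (err, existingUser) {
      if (err) {
        // There is no `res` (or `info`) inside a verify callback; report the
        // failure to Passport instead of touching undefined names.
        return done(err);
      }

      if (existingUser) {
        return done(null, existingUser);
      }

      // No user with that fbid yet: create one from the profile.
      var name = profile.name || {};
      var newUser = new User();
      newUser.fbid = profile.id;
      newUser.firstname = name.givenName;
      newUser.lastname = name.familyName;
      newUser.gender = profile.gender;
      if (profile.emails && profile.emails.length) {
        newUser.fbemail = profile.emails[0].value;
      }
      newUser.fblink = profile.profileUrl;
      newUser.fbverified = profile.verified;

      newUser.save(function (saveErr) {
        if (saveErr) {
          return done(saveErr);
        }
        return done(null, newUser);
      });
    });
  });
}));

var router = express.Router();

router.get('/auth/facebook', passport.authenticate('facebook', { scope : 'email' }));

// OAuth callback: issue a JWT for the authenticated user and redirect into the
// SPA. Unverified mobile numbers go to the registration view instead of posts.
router.get('/auth/facebook/callback',
  passport.authenticate('facebook', { session: false, failureRedirect: '/' }),
  function (req, res, next) {
    // Use the user Passport attached to THIS request. The profile id used to
    // be kept in a module-level variable shared by all requests, so two
    // concurrent logins could end up with a token issued for the other user.
    var doc = req.user;
    if (!doc) {
      return res.redirect('/');
    }

    // Generate the token once so the stored value and the value handed to the
    // client are the same. It is deliberately not logged: a bearer token in
    // application logs is usable by anyone who can read them.
    var token = doc.generateJWT();
    doc.token = token;

    doc.save(function (err) {
      if (err) {
        return next(err);
      }

      // NOTE(review): the JWT is still carried in the URL fragment, as before.
      // A fragment is not sent to the server with the request, but it stays in
      // the browser history and is readable by every script on the page.
      // Moving it out of the URL also needs a change in the SPA (for example a
      // short-lived cookie that the SPA reads once and clears), so the
      // redirect targets are left unchanged here.
      var target = doc.mobileverified === true ? '/#/posts/' : '/#/register/';
      res.redirect(target + token);
    });
  });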
Thank you very much in advance!