stackoom
  简体   繁体   中英

Integrating json web token in oauth20

 原文  2019-05-13 11:02:46       node.js/ oauth-2.0/ jwt/ gmail-api

Question

I am trying to create an api where user can sign up with an email or can sign in with google, I use json web token for authentication and oauth20, the problem is, can, I pass a jwt with oauth?

I have tried passing it and, I get a token if, I console log, but how do, I pass it to the user, like can i some way attach it to the req.user object in the cb by oauth or something like that?

I am doing this in the google strategy: 

 async (accessToken, refreshToken, params, profile, cb) => {

   const userCheck = await User.findOne({ googleId: profile.id });

 if (userCheck) {
        const payload = {
          user: {
            id: userCheck.id
          }
        };

        jwtToken.sign(
          payload,
          config.get("jwtSecret"),
          { expiresIn: 360000 },
          (err, token) => {
            if (err) {
              throw err;
            }
            //   console.log(token);
            return res.json({ token });
          },
          cb(null, userCheck)
        );

My routes are protected like this: 

router.get("/", auth, async (req, res)=>{
...some code
    }

where auth is a middle ware function

This is the Auth middleware function:

module.exports = function(req, res, next) { 

  const token = req.header("x-auth-token");

  // If no token found


 if (!token)
 {
    return res.status(401).json({ msg: "User not authorized" });
  }

  // Set token to user

 try {
    const decoded = jwtToken.verify(token, config.get("jwtSecret"));

     req.user = decoded.user;
  } 

 catch (err)
 {
    res.
status(401)
.json({ msg: "User not authenticated, please login or sign up" });
  }
  next();

};

1 answers

solution1
 0  2019-05-14 06:07:33

I found the solution, you need to pass sign the token in the passport.serializeUser and then send the it with a redirection in response of the redirect url.

The serialize user function: 

passport.serializeUser(async (user, cb) => {
  const payload = {
    user: {
      id: user.id
    }
  };
  token = jwtToken.sign(payload, config.get("jwtSecret"), {
    expiresIn: 360000
  });
  console.log("serialize");
  cb(null, user.id);
});

The redirection route: 

router.get(
  "/google/redirect",
  passport.authenticate("google", { sessionStorage: false }),
  (req, res) => {
    res.redirect("/" + token);
  }
);

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Passport for Google oauth20, middleware not in use, passport.initialize() Passportjs Google OAuth20 not working when deployed on digital ocean Google oauth20 anonymous cllback function is not being executed in passport.use block How to combine Json Web Token(JWT) and google oauth using passportjs, passport-google-oauth and node to create social login system? JSON Web TOken Strategy Blacklisting JSON web token JSON web token - password in the payload? JSON Web Token (JWT) Security Integrating OAuth with Kuzzle Node.JS SyntaxError: Unexpected token i in JSON at position 20
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM