Google oAuth with passportjs + Vue

Question

I am currently stuck to handle a google oAuth login in a vue app which is connecting to my own node express api server.

On the express api server i am using passport as a middleware to handle google oauth and after succesfully logged in through google i am generating a jwt in the callback on my backend.

passport.use(new GoogleStrategy({
    clientID: config.get('google.clientID'),
    clientSecret: config.get('google.clientSecret'),
    callbackURL: config.get('google.callbackUrl'),
  },
  function(accessToken, refreshToken, profile, done) {
    User.findOne(
      { socialID: profile.id },
      function (err, user) {
        if (err) {
            return done(err);
        }
        //No user was found... so create a new user with values from Facebook (all the profile. stuff)
        if (!user) {
          user = new User({
            name: profile.displayName,
            email: profile.emails[0].value,
            provider: profile.provider,
            socialID: profile.id,
          });
          user.save(function(err) {
            if (err) console.log(err);
          });
        }

        // the information which shall be inside the jsonwebtoken
        const payload = {
          user: {
            id: user.id
          }
        };

        // create jsonwebtoken and return it
        jwt.sign(
          payload,
          config.get('jwt.secret'), // get the secret from default.json to hash jsonwebtoken
          { expiresIn: config.get('jwt.lifetime') },
          (err, token) => {
            if(err) throw err; // if there is error, throw it and exit
            return done(JSON.stringify(token)); // return jwt token
          }
        );
      }
    );
  }
));

I have theses routes on my api server

// @route   GET api/auth/google
// @desc    Google auth route - get User From Google, store it if not exists yet
// @access  Public
router.get('/google',
  passport.authenticate('google', { scope: ['profile', 'email'], session: false })
);

// @route   GET api/auth/google/callback
// @desc    Google callback route
// @access  Public
router.get('/google/callback',
  passport.authenticate('google', { failureRedirect: '/', session: false }),
  function (req, res) {
    res.redirect('http://localhost:8080/?token=' + res);
  }
);

When i call my backend api route at /auth/google i successfully get redirected to the google login page. But with my approach i am trying to redirect from the callback url back to my vue app with a get parameter "token" to recieve the token in the frontend. The redirect in my backend callback route is not working. How do i pass the token which is generated in the backend to my frontend?

Answer 1

I came across that the redirect wasn't working because the return done() function expects two parameters to work correctly.

I changed inside the google passport middleware the done function like this

jwt.sign(
 payload,
 config.get('jwt.secret'), // get the secret from default.json to hash jsonwebtoken
 { expiresIn: config.get('jwt.lifetime') },
  (err, token) => {
    if(err) throw err; // if there is error, throw it and exit
    return done(null, token); // return jwt token
  }
);

Now inside my route i can successfully redirect + add the token as a get parameter - so with this workaround i am recieving my jwt which is generated in my backend in my frontend.

// @route   GET api/auth/google/callback
// @desc    Google callback route
// @access  Public
router.get('/google/callback',
  passport.authenticate('google', { failureRedirect: '/', session: false }),
  function (req, res) {
    let token = res.req.user;
    res.redirect('//localhost:8080/?token=' + token);
  }
);