我目前使用优秀的Passport框架在node.js中实现了Google OAuth2,但我发现很难在工作流程中传递URL参数。
我想做的就是拥有像/analysis?id=1234这样的网址,然后才能加载特定的分析。
一旦您已经过身份验证且会话尚未过期,它就可以正常运行,但是当您尚未通过身份验证时,它仍然无效。我正在努力将它传递给callbackURL我想。任何指导将不胜感激!
这是我到目前为止(仅限相关代码)
var session = require('express-session');
var storage = require('node-persist');
var passport = require('passport');
var GoogleStrategy = require('passport-google-oauth2').Strategy;
var GOOGLE_CLIENT_ID = "<google_client_id>"
, GOOGLE_CLIENT_SECRET = "<google_client_secret>",
GOOGLE_CALLBACKURL = "http://localhost:1425/auth/google/callback";
app.use(session({
maxAge: 86400000, // 24 hours
secret: 'no-one-will-find-out',
resave: true,
saveUninitialized: true
}));
var sess;
app.use(passport.initialize());
app.use(passport.session());
storage.initSync();
passport.use(new GoogleStrategy({
clientID: GOOGLE_CLIENT_ID,
clientSecret: GOOGLE_CLIENT_SECRET,
callbackURL: GOOGLE_CALLBACKURL
},
function(accessToken, refreshToken, profile, cb) {
return cb(null, profile);
}
));
passport.serializeUser( function(user, cb) {
cb(null, user);
});
passport.deserializeUser( function(obj, cb) {
cb(null, obj);
});
app.get('/login', function (req, res) {
var id = req.query_id;
if (id) {
var url = '/auth/google?id=' + id;
} else {
var url = '/auth/google';
}
res.render('landing', {url: url, layout: 'landing.hbs'});
});
app.get('/login_error', function (req, res) {
var url = '/auth/google';
res.render('landing', {url: url, error: 'show', layout: 'landing.hbs'});
});
app.get('/analysis', ensureAuthenticated, function (req, res) {
sess = req.session;
var email = res.req.user.email;
var domain = res.req.user._json.domain;
var img = res.req.user._json.image.url;
var id = req.query.id;
console.log(id);
sess.email = encodeURIComponent(email);
sess.domain = encodeURIComponent(domain);
if (domain == 'dropbox.com') {
if (id) {
res.render('index', { email: email, img: img, query: id });
} else {
res.render('index', { email: email, img: img, query: '' });
}
} else {
res.redirect('/login_error');
}
});
app.get('/auth/google', passport.authenticate('google', { scope: [
'https://www.googleapis.com/auth/plus.login',
'https://www.googleapis.com/auth/plus.profile.emails.read']
}));
app.get('/auth/google/callback',
passport.authenticate('google', {
failureRedirect: '/login_error'
}),
function(req, res) {
var id = req.query.id;
// Successful authentication, redirect home.
if (id) {
res.redirect('/analysis?id=' + id);
} else {
res.redirect('/analysis');
}
}
);
function ensureAuthenticated(req, res, next) {
var id = req.query.id;
sess = req.session;
if (req.isAuthenticated()) {
return next();
} else {
console.log('need to login');
if (id) {
res.redirect('/login?id=' + id);
} else {
res.redirect('/login');
}
}
}
答案 0 :(得分:4)
我不确定,但我相信google auth不会将您的'查询字符串'发回给您。
也许,你可以把你的'id'参数放在会话中:
在此处设置会话:
app.get('/auth/google', function(req, res, next) {
req.session.analysis_id = req.query.id;
next();
}, passport.authenticate('google', { scope: [
'https://www.googleapis.com/auth/plus.login',
'https://www.googleapis.com/auth/plus.profile.emails.read']
}));
在此处检索:
app.get('/auth/google/callback',
passport.authenticate('google', {
failureRedirect: '/login_error'
}),
function(req, res) {
var id = req.session.analysis_id;
// Successful authentication, redirect home.
if (id) {
res.redirect('/analysis?id=' + id);
} else {
res.redirect('/analysis');
}
}
);
你怎么看?
干杯!