passport.use( new GoogleStrategy( { clientID: authConfig.google.client_id, clientSecret: authConfig.google.client_secret, callbackURL: `${schnack_host}/auth/google/callback` }, (accessToken, refreshToken, profile, done) => { done(null, profile); } ) );
app.get( '/auth/google/callback', passport.authenticate('google', { failureRedirect: '/login' }), (request, reply) => { reply.redirect('/success'); } );
passport.deserializeUser((user, done) => { done(null, { provider: user.provider, id: user.provider_id }); });
passport.use(new GoogleStrategy({ clientID: process.env.GOOGLE_AUTH_CLIENT_ID, clientSecret: process.env.GOOGLE_AUTH_CLIENT_SECRET, callbackURL: `${authURL}/auth/google/callback` }, (accessToken, refreshToken, profile, cb) => { if (profile.emails && profile.emails.find(e => e.value.match(new RegExp(`@${process.env.GOOGLE_AUTH_DOMAIN}$`)) && e.verified)) { return cb(null, profile); } return cb(`${profile.emails && profile.emails[0] && profile.emails[0].value} not within @${process.env.GOOGLE_AUTH_DOMAIN}`); }));
// Allow unauthenticated registration if no users are currently registered. router.use('/register', (req, res, next) => { Users.initialUserGate({ handleInitialUser: () => { next(); }, handleSubsequentUser: () => { passport.authenticate('jwt', {session: false}, (passportReq, passportRes) => { passportRes.json({username: req.username}); }); }, }); });
// Setup use serialization passport.serializeUser((user, done) => { done(null, typeof user === 'string' ? user : JSON.stringify(user)); });
passport.use( new TwitterStrategy( { consumerKey: authConfig.twitter.consumer_key, consumerSecret: authConfig.twitter.consumer_secret, callbackURL: `${schnack_host}/auth/twitter/callback` }, (token, tokenSecret, profile, done) => { done(null, profile); } ) );
passport.use( new GitHubStrategy( { clientID: authConfig.github.client_id, clientSecret: authConfig.github.client_secret, callbackURL: `${schnack_host}/auth/github/callback` }, (accessToken, refreshToken, profile, done) => { done(null, profile); } ) );
passport.use( new FacebookStrategy( { clientID: authConfig.facebook.client_id, clientSecret: authConfig.facebook.client_secret, callbackURL: `${schnack_host}/auth/facebook/callback` }, (accessToken, refreshToken, profile, done) => { done(null, profile); } ) );
// Allow unauthenticated verification if no users are currently registered. router.use('/verify', (req, res, next) => { Users.initialUserGate({ handleInitialUser: () => { req.initialUser = true; next(); }, handleSubsequentUser: () => { req.initialUser = false; passport.authenticate('jwt', {session: false})(req, res, next); }, }); });
app.get( '/auth/facebook/callback', passport.authenticate('facebook', { failureRedirect: '/login' }), (request, reply) => { reply.redirect('/success'); } );
app.get('/auth/google/callback', passport.authenticate('google', { failureRedirect: '/auth/google' }), (req, res) => { // Successful authentication, redirect home. res.redirect('/'); });
app.get( '/auth/twitter/callback', passport.authenticate('twitter', { failureRedirect: '/login' }), (request, reply) => { reply.redirect('/success'); } );
app.get( '/auth/mastodon/callback', passport.authenticate('mastodon', { failureRedirect: '/login' }), (request, reply) => { reply.redirect('/success'); } );
app.get( '/auth/github/callback', passport.authenticate('github', { failureRedirect: '/login' }), (request, reply) => { reply.redirect('/success'); } );