I’m using passport.js local-strategy for auth. I also need users to authenticate with Facebook, Twitter, and G+, but not as auth alternatives, but to enable the user to retrieve their content from those services.
As written, each auth strategy writes a user object to the request object. This has the effect of logging-out my root user. Is there a way to leverage passport for these additional auth strategies, but not override the user object?
Here is the canonical example:
JavaScript
x
16
16
1
var passport = require('passport')2
, TwitterStrategy = require('passport-twitter').Strategy;3
4
passport.use(new TwitterStrategy({5
consumerKey: TWITTER_CONSUMER_KEY,6
consumerSecret: TWITTER_CONSUMER_SECRET,7
callbackURL: "http://www.example.com/auth/twitter/callback"8
},9
function(token, tokenSecret, profile, done) {10
User.findOrCreate(, function(err, user) {11
if (err) { return done(err); }12
done(null, user); //trashes my existing user object13
});14
}15
));16
Advertisement
Answer
A way to do this is to use a callback rather than a redirect. Usually you would call req.login() to set the request object. You can just skip that step and do whatever you want with the response.
JavaScript
1
6
1
app.get('/auth/twitter/callback', function (req, res, next) {2
passport.authenticate('twitter', function (err, user, info) {3
res.send({err: err, user: user, info: info}); //skip req.login()4
})(req, res, next)5
});6