const fs = require('fs')
const path = require('path')
const https = require('https')
const helmet = require('helmet')
const express = require('express')
const passport = require('passport')
const cookieSession = require('cookie-session')
const { Strategy } = require('passport-google-oauth20')
require('dotenv').config()
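// Port to listen on: honour the PORT environment variable, defaulting to 3000.
// The earlier `3000 || env.PORT` always short-circuited to 3000, so the
// environment value was never read (and `env` itself was never defined).
const PORT = process.env.PORT || 3000

// OAuth client credentials and cookie-signing keys, read from the environment
// (the dotenv call above loads a local .env file into process.env).
// Each entry is `undefined` when its variable is unset; nothing here validates
// them, so a missing value only surfaces where it is consumed.
// These are secrets: keep the .env file out of version control.
const config = {
  CLIENT_ID: process.env.CLIENT_ID,
  CLIENT_SECRET: process.env.CLIENT_SECRET,
  COOKIE_KEY_1: process.env.COOKIE_KEY_1,
  COOKIE_KEY_2: process.env.COOKIE_KEY_2,
}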
// Express application; middleware and routes are attached to it below.
const app = express()

// Options for the Google OAuth 2.0 strategy. callbackURL is relative and has
// to match the callback route registered on the app.
// NOTE(review): no `state` option is set, so the authorization round trip
// carries no anti-CSRF state value; confirm whether passport-oauth2's
// `state: true` fits this session setup.
const AUTH_OPTIONS = {
  clientSecret: config.CLIENT_SECRET,
  clientID: config.CLIENT_ID,
  callbackURL: '/auth/google/callback',
}

// Register the strategy; verifyCallback runs once Google has returned a profile.
const googleStrategy = new Strategy(AUTH_OPTIONS, verifyCallback)
passport.use(googleStrategy)
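// Save the session to the cookie.
// Only the Google profile id is stored. cookie-session keeps the session data
// in the cookie itself (signed, not encrypted), so serialising the whole
// profile would place the user's profile data in a client-readable cookie and
// resend it with every request.
passport.serializeUser((user, done) => {
  done(null, user.id)
})

// Read the session from the cookie; the result becomes req.user.
// The stored value is the profile id and is passed through unchanged, since
// this file has no user store to resolve it against. req.user is therefore the
// id rather than the full profile object.
passport.deserializeUser((id, done) => {
  done(null, id)
})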
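// Security headers first, so every later response carries helmet's defaults.
app.use(helmet())

// Fail at startup instead of on the first request when a signing key is
// missing: without keys the session cookie cannot be signed.
if (!config.COOKIE_KEY_1 || !config.COOKIE_KEY_2) {
  throw new Error('COOKIE_KEY_1 and COOKIE_KEY_2 must be set')
}

app.use(
  cookieSession({
    name: 'session',
    maxAge: 24 * 60 * 60 * 1000, // 24 hours, in milliseconds
    // The first key signs new cookies; every listed key is accepted when
    // verifying, which lets keys be rotated without ending live sessions.
    keys: [config.COOKIE_KEY_1, config.COOKIE_KEY_2],
    // Explicit cookie attributes: this server only speaks HTTPS, scripts have
    // no need to read the session, and 'lax' keeps the cookie off cross-site
    // subrequests while still sending it on the top-level redirect back from
    // Google.
    secure: true,
    httpOnly: true,
    sameSite: 'lax',
  })
)

// passport.initialize() wires passport into the request; passport.session()
// restores req.user from the session on each request.
app.use(passport.initialize())
app.use(passport.session())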
// Landing page: send the static index.html that lives under ./public.
// No login check is applied to this route.
app.get('/', (request, response) => {
  const indexPage = path.join(__dirname, 'public', 'index.html')
  return response.sendFile(indexPage)
})
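// Entry point of the sign-in flow: hands the request to the 'google' strategy
// and asks for the 'email' scope only.
// A bare `passport.authenticate()` call used to follow this route; its return
// value was discarded, so it did nothing and has been removed.
app.get(
  '/auth/google',
  passport.authenticate('google', {
    scope: ['email'],
  })
)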
// OAuth callback: Google sends the browser back here after the consent screen.
// The strategy completes the login and redirects to '/' on success or to
// '/failure' otherwise; session: true asks passport to persist the login in
// the session.
const finishGoogleLogin = passport.authenticate('google', {
  session: true,
  successRedirect: '/',
  failureRedirect: '/failure',
})

// NOTE(review): with successRedirect set, passport presumably issues the
// redirect itself, so this trailing handler may never run; it also sends no
// response of its own. Confirm and drop it if it is unreachable.
app.get('/auth/google/callback', finishGoogleLogin, (req, res) => {
  console.log('Google called us back')
})
// Sign out, then return to the landing page.
// NOTE(review): passport 0.6 and later expect a callback argument to logOut();
// confirm the installed version. This is also a state-changing GET, so any
// cross-site link can sign the user out.
app.get('/auth/logout', (request, response) => {
  // Removes req.user and clears the saved login from the session.
  request.logOut()
  return response.redirect('/')
})
// Protected route: checkLoggedIn runs first and answers 401 itself when the
// request is not authenticated, so the handler only runs for signed-in users.
app.get('/secret', checkLoggedIn, (request, response) => {
  return response.send('Your personal secret value is 8080')
})

// Target of failureRedirect on the OAuth callback route.
app.get('/failure', (request, response) => {
  response.send('failed to login!')
})
// TLS material is read synchronously at startup. The paths are relative, so
// they resolve against the process working directory, not this file's folder.
// key.pem is the server's private key: keep it out of version control and
// readable only by the account that runs the service.
const tlsOptions = {
  key: fs.readFileSync('key.pem'),
  cert: fs.readFileSync('cert.pem'),
}

// Serve the Express app over HTTPS only; no plain-HTTP listener is created.
const server = https.createServer(tlsOptions, app)

server.listen(PORT, () => {
  console.log(`Server listening on ${PORT}`)
})
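/**
 * Verify callback handed to the Google strategy.
 *
 * Accepts every profile Google returns: no allow-list or user lookup is
 * applied, and neither token is stored or used.
 *
 * @param {string} accessToken - OAuth access token (unused here).
 * @param {string} refreshToken - OAuth refresh token (unused here).
 * @param {object} profile - Profile object supplied by the strategy.
 * @param {Function} done - Passport callback, called as done(null, profile).
 */
function verifyCallback(accessToken, refreshToken, profile, done) {
  // Log the account id only. The full profile carries personal data (the
  // 'email' scope is requested), which should stay out of application logs.
  console.log('google Profile', profile && profile.id)
  done(null, profile)
}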
/**
 * Route guard: lets the request continue only when passport reports it as
 * authenticated and req.user is set; otherwise answers 401 with a JSON error.
 *
 * @param {object} req - Express request; must provide isAuthenticated().
 * @param {object} res - Express response.
 * @param {Function} next - Called with no arguments when the check passes.
 * @returns {object|undefined} The response on rejection, otherwise undefined.
 */
function checkLoggedIn(req, res, next) {
  if (req.isAuthenticated() && req.user) {
    next()
    return
  }
  return res.status(401).json({ err: 'you must login first' })
}