So I have been trying to get Facebook authentication working. Locally, my code works perfectly. Once wrapped in Lambda using Claudia, the Facebook login seems to stop working. I have my login url authenticated in Facebook developer settings
var FB = require('fb');
FB.options({ version: 'v2.7' });
fb = new FB.Facebook({});
var bcrypt = require('bcryptjs');
var UserService = require('../services/user.service');
var config = require('../config');
var jwt = require('jsonwebtoken');
_this = this
exports.getFBLoginCredentials = async function (req, res, next) {
try {
let access_token = req.body.facebook_token;
FB.setAccessToken(access_token);
let facebookInfo = await new Promise(function (resolve, reject) {
FB.api('me/', { locale: 'en_US', fields: 'first_name, last_name, email' }, function (response) {
if (!response || response.error) {
reject(Error('Facebook Auth failed'));
}
resolve(response);
});
});
let user = await UserService.findUserByEmail(facebookInfo.email);
if (user) {
let updatedToken = await _createToken(user, 1);
let updatedRefreshToken = await _createToken(user, 7);
user.token = updatedToken;
user.refreshToken = updatedRefreshToken;
user.facebookToken = access_token;
user.emailVerified = true;
await UserService.updateUser(user);
return res.status(200).json({ status: 200, data: user, message: "Successfully Retrieved data" });;
}
let userFields = {
name: facebookInfo.first_name + ' ' + facebookInfo.last_name,
email: facebookInfo.email,
emailVerified: true,
facebook_token: access_token
}
let createdUser = await UserService.createUser(userFields);
return res.status(200).json({ status: 200, data: createdUser, message: "Successfully Retrieved data" });
}
catch (error) {
return res.status(400).json({ status: 400, message: error.message });
}
}
Figured it out. Turns out that the timeout of AWS Lambda was set to be 3.0 seconds but the call took longer than that.
Related
I want to implement switch case for registration flow. Like normal sign up with
email, Phone number and password
with google
with facebook etc.
If user selects the continue with google button then switch to google registration and so on. How can I do that?
The controller file:
exports.register = catchAsync(async (req, res, error) => {
try {
const user = await userService.googleRegistration(req);
} catch (error) {
return res.failed(500, "Internal server error", error);
}
});
The userService file:
// GOOGLE REGISTRATION
exports.googleRegistration = async (req) => {
var google = require("googleapis").google;
var OAuth2 = google.auth.OAuth2;
var oauth2Client = new OAuth2();
oauth2Client.setCredentials({ access_token: req.params.access_token });
var oauth2 = google.oauth2({
auth: oauth2Client,
version: "v2",
});
oauth2.userinfo.get(async (err, res) => {
if (err) {
} else {
let user_data = new User({
first_name: res.data.given_name,
last_name: res.data.family_name,
});
let user = await user_data.save();
return user;
}
});
};
// NORMAL REGISTRATION
exports.register = async (user) => {
let new_user = new User({ ...user });
const user_data = await new_user.save();
const payload = { id: new_user._id };
user_data.JWToken = jwt.sign(payload, keys.JWToken, { expiresIn: 31556926 });
return user_data;
};
I recomended use an des-structuct object. NOT recomended use a switch it is bad for the memory and performance
const typeSingIn = {
facebook: function(){ /* function to join with fb */},
google: function() {/* your function to join with google*/},
// more options
}
app.post("/singIn", (req, res) => {
const {method} = req.body // expect the answer if the signIn is for fb, google or other method.
const singInType = typeSignIn[method]
try{
signInType() // this can be a promise if you want it
}catch(e){
res.json({status: 500, message: e})
}
})
This is the error that I get:
"You have created a new client application that use…i/web/guides/gis-migration) for more information."
here are my codes on server, the statement inside console.log doesnt even show:
static async googleLogin(req, res, next) {
try {
console.log("masuk google login server")
const { id_token } = req.body
const client = new OAuth2Client(process.env.GOOGLE_CLIENT_ID)
const ticket = await client.verifyIdToken({
idToken: id_token,
audience: process.env.GOOGLE_CLIENT_ID
});
const payload = ticket.getPayload()
const email = payload.email
let password = email.toString().split('#')
password = password[0]
let user = await User.findOne({ where: { email } })
if (!user) {
let newUser = { email, password }
let createUser = await User.create(newUser)
const payload = {
id: createUser.id,
email: createUser.email
}
const access_token = generateToken(payload)
return res.status(201).json({ access_token })
} else {
const payload = {
id: user.id,
email: user.email
}
const access_token = generateToken(payload)
return res.status(200).json({ access_token })
}
} catch (err) {
console.log(err)
return next(err)
}
}
the console.log in my client also doesnt show
function onSignIn(googleUser) {
console.log("masuk client oauth")
$.ajax({
method: "POST",
url: `${baseUrl}/users/google-login`,
data: {
id_token: googleUser.getAuthResponse().id_token
}
})
.done((response) => {
console.log(response, "client response")
localStorage.setItem("access_token", response.access_token)
checkLocalStorage();
})
.fail((err) => {
console.log(err, "error client");
})
.always(() => {
authentication()
})
}
i tried deleting cache and run my app again, recreate a new project on google api (which genereated new ID). they didnt work
i cannot sign in to my app using existing google account. it loads when i clicked and asked me to wait a moment but then nothing happened.
my script.js
function onSignIn(googleUser) {
$.ajax({
url: `${baseUrl}/users/googlelogin`,
method: "POST",
data: {
access_token: googleUser.getAuthResponse().id_token,
googleToken: id_token
}
})
.done((response) => {
console.log(response, "ini response dr client")
localStorage.setItem("access_token", response.access_token)
authentication()
})
.fail((err) => {
console.log(err);
swal(
"Oops!", xhr.responseJSON.error[0], "error")
console.log(xhr.responseJSON.error[0])
})
}
my controller file:
static async googleLogin(req, res, next) {
try {
console.log("masuk google login")
const { id_token } = req.body
const client = new OAuth2Client(process.env.GOOGLE_CLIENT_ID)
const ticket = await client.verifyIdToken({
idToken: id_token,
audience: process.env.GOOGLE_CLIENT_ID
});
const payload = ticket.getPayload()
const email = payload.email
let password = email.toString().split('#')
password = password[0]
let user = await User.findOne({ where: { email } })
if (!user) {
let newUser = { email, password }
let createUser = await User.create(newUser)
const payload = {
id: createUser.id,
email: createUser.email
}
const access_token = generateToken(payload)
return res.status(201).json({ access_token })
} else {
const payload = {
id: user.id,
email: user.email
}
const access_token = generateToken(payload)
return res.status(200).json({ access_token })
}
} catch (err) {
console.log(err)
return next(err)
}
}
here are the error on console:
GET http://localhost:3000/todos 500 (Internal Server Error)
Uncaught {error: 'idpiframe_initialization_failed', details: 'You have created a new client application that use…i/web/guides/gis-migration) for more information.'}
i run my app on http://localhost:8080/client/
i'm implementing a node.js backend using the amazon-cognito-identity-js.
I want to create a login(username, password) and refreshToken(token) APIs.
This is my code:
import { AuthenticationDetails, CognitoUser, CognitoUserPool, CognitoRefreshToken } from "amazon-cognito-identity-js"
public loginWithAmazonCognitoIdentity (username: string, password: string){
var authenticationData = {
Username : username,
Password : password,
};
var authenticationDetails = new AuthenticationDetails(authenticationData);
var poolData = { UserPoolId : 'eu-north-1_xxxxxx',
ClientId : '3al0l3mhcxxxxxqgnp789987'
};
var userPool = new CognitoUserPool(poolData);
var userData = {
Username : username,
Pool : userPool
};
var cognitoUser = new CognitoUser(userData);
const user = cognitoUser.authenticateUser(authenticationDetails, {
onSuccess: function (result) {
var accessToken = result.getAccessToken().getJwtToken();
console.log("token: " + accessToken);
var refresh = result.getRefreshToken().getToken();
console.log("RefreshToken: " + refresh);
},
onFailure: function(err) {
console.error(err);
},
});
}
This function returns an accessToken and a refreshToken without errors.
After this, i have implemented this function:
public refreshToken(refreshToken)
var poolData = { UserPoolId : 'eu-north-1_xxxxxx',
ClientId : '3al0l3mhcxxxxxqgnp789987'
};
var userPool = new CognitoUserPool(poolData);
var userData = {
Username : 'lacucudi',
Pool : userPool
};
var cognitoUser = new CognitoUser(userData);
var token = new CognitoRefreshToken({ RefreshToken: refreshToken })
cognitoUser.refreshSession(token, (err, session) => { if (err) {console.log(err)} else console.log('session: ' + JSON.stringify(session)) });
}
but passing the refreshToken previously retrieved it returns an:
NotAuthorizedException: Invalid Refresh Token.
Can anyone tell me what is the correct backend implementation of these 2 apis ?
I solved in this way:
import Amplify, { Auth } from "aws-amplify";
import {
AdminCreateUserCommand,
AdminSetUserPasswordCommand,
AuthFlowType,
CognitoIdentityProviderClient,
CognitoIdentityProviderClientConfig,
GetUserCommand,
InitiateAuthCommand,
MessageActionType,
RevokeTokenCommand,
} from "#aws-sdk/client-cognito-identity-provider";
public async login(username: string, password: string): Promise<AuthTokens> {
if (!username || !password) {
throw new HttpException(400, "Please provide both username and password");
}
Amplify.configure({ Auth: config.auth });
const user = await Auth.signIn(username, password);
if (!user.signInUserSession) {
throw new HttpException(500, `Could not authenticate user ${username}`);
}
const {
signInUserSession: {
accessToken: { jwtToken: access_token },
idToken: { jwtToken: id_token },
refreshToken: { token: refresh_token },
},
} = user;
return {
id_token,
access_token,
refresh_token,
};
}
public async refresh(refresh_token: string): Promise<AuthTokens> {
if (!refresh_token) {
throw new HttpException(400, "Please provide a refresh token");
}
const refreshTokenAuth = new InitiateAuthCommand({
ClientId: config.auth.userPoolWebClientId,
AuthFlow: AuthFlowType.REFRESH_TOKEN_AUTH,
AuthParameters: {
REFRESH_TOKEN: refresh_token,
},
});
const response = await this.client.send(refreshTokenAuth);
const {
AuthenticationResult: { AccessToken, IdToken },
} = response;
return {
refresh_token,
access_token: AccessToken,
id_token: IdToken,
};
}
public async logout(refreshToken: string): Promise<boolean> {
if (!refreshToken) {
throw new HttpException(400, "Please provide a refresh token");
}
try {
const command = new RevokeTokenCommand({
ClientId: config.auth.userPoolWebClientId,
Token: refreshToken,
});
const response = await this.client.send(command);
const { httpStatusCode } = response.$metadata;
return httpStatusCode == 200 ?? true;
} catch (e) {
logger.error(e);
throw new HttpException(500, e);
}
}
I used aws-amplify for login and aws-sdk/client-cognito-identity-provider for other operations.
NotAuthorizedException: Invalid Refresh Token
error message was returned because the device tracking option was enabled in Cognito settings.
It' s incredible for a service provided by AWS to give wrong error messages and very little documentation about it
Ok, i'm done. Please someone help me :(
I don't know how js and lambda works
What i have to do:
Send GET request and get response.
Write data from response to DynamoDb
I can do it 1by1 but can't do everything by 1 lambda call.
My code:
const https = require('https');
const crypto = require("crypto");
const AWS = require('aws-sdk');
const DynamoDb = new AWS.DynamoDB({region: 'eu-central-1'});
exports.handler = async (event) => {
let response;
console.log("Start");
let steamTicket;
let steamId;
if(event.body){
const body = JSON.parse(event.body);
if(body.steamticket && body.steamid){
steamTicket = body.steamticket;
steamId = body.steamid;
}
else{
response = {
statusCode: 400,
body: JSON.stringify({
authenticated: false,
reason: 'cant find steamid or steamticket in your request'
})
};
return response;
}
}
else{
response = {
statusCode: 400,
body: JSON.stringify({
authenticated: false,
reason: 'cant find request body'
})
};
return response;
}
await httprequest(steamTicket).then((data) =>{
if(data.response && data.response.params){
if(data.response.params.result == 'OK' && data.response.params.steamid == steamId){
console.log(JSON.stringify(data));
const sessionId = crypto.randomBytes(16).toString("hex");
console.log('Generated session id: ' + sessionId);
PutToDB(sessionId, steamId);
}
else{
response = {
statusCode: 400,
body: JSON.stringify({
authenticated: false,
reason: 'steam response is not OK or session != steamId'
})
};
return response;
}
}
else{
response = {
statusCode: 400,
body: JSON.stringify({
authenticated: false,
reason: 'invalid response from steam: ' + JSON.stringify(data)
})
};
return response;
}
});
};
async function PutToDB(sessionId, steamId){
var WriteParams = {
RequestItems:{
SteamSessions: []
}
};
WriteParams.RequestItems.SteamSessions.push({
PutRequest:{
Item: {
SteamId: {S: steamId},
SessionId: {S: sessionId},
ttl: {N: (Math.floor(Date.now() / 1000) + 600).toString()}
}
}
});
console.log('SessionIdToWrite: ' + sessionId);
return new Promise((resolve, reject) =>{
DynamoDb.batchWriteItem(WriteParams, function(err, data){
if(err){
console.log("Error", err);
}
else{
console.log("Success write", JSON.stringify(data));
}
})
})
}
async function httprequest(steamTicket) {
return new Promise((resolve, reject) => {
const options = {
host: 'partner.steam-api.com',
path: '/ISteamUserAuth/AuthenticateUserTicket/v1/?key=somekey&appid=someid&ticket=' + steamTicket,
port: 443,
method: 'GET'
};
const req = https.request(options, (res) => {
if (res.statusCode < 200 || res.statusCode >= 300) {
return reject(new Error('statusCode=' + res.statusCode));
}
var body = [];
res.on('data', function(chunk) {
body.push(chunk);
});
res.on('end', function() {
try {
body = JSON.parse(Buffer.concat(body).toString());
} catch(e) {
reject(e);
}
resolve(body);
});
});
req.on('error', (e) => {
reject(e.message);
});
// send the request
req.end();
});
}
I lost way already, i'm not even sure it should work like that.
And most confusing thing! This b give me this test results:
Run 1:
2021-03-05T13:28:47.741Z INFO Start
2021-03-05T13:28:48.612Z INFO {"response":{"params":{"result":"OK","steamid":"mysteamid","ownersteamid":"mysteamid","vacbanned":false,"publisherbanned":false}}}
2021-03-05T13:28:48.650Z INFO Generated session id: 6a5633a5f862d8663d0fe546a9c89feb
2021-03-05T13:28:48.650Z INFO SessionIdToWrite: 6a5633a5f862d8663d0fe546a9c89feb
DynamoDb is empty, here we can't see log from DynamoDb.batchWriteItem result.
Run 2:
2021-03-05T13:29:53.308Z INFO Start
2021-03-05T13:29:53.674Z INFO Success write {"UnprocessedItems":{}}
2021-03-05T13:29:54.048Z INFO {"response":{"params":{"result":"OK","steamid":"mysteamid","ownersteamid":"mysteamid","vacbanned":false,"publisherbanned":false}}}
2021-03-05T13:29:54.048Z INFO Generated session id: 05c62de782202fc100cea9d47e38242c
2021-03-05T13:29:54.048Z INFO SessionIdToWrite: 05c62de782202fc100cea9d47e38242c
And after second run i can see in DynamoDb sessionId from FIRST RUN (6a5633a5f862d8663d0fe546a9c89feb)
If i run it again, there will be id from 2nd run
I think it continues to run previous tasks on new run? Or what? I'm lost
Thank you for any help with it
You need to call reject / resolve in the DynamoDb.batchWriteItem call.
return new Promise((resolve, reject) =>{
DynamoDb.batchWriteItem(WriteParams, function(err, data){
if(err){
console.log("Error", err);
reject(err);
}
else{
console.log("Success write", JSON.stringify(data));
resolve();
}
})
})