I'm using Passport for NodeJS for authentication. I've successfully integrated it. If the user has his Github credentials already in his cookies, he just clicks my login button and he's on my dashboard. However, if he doesn't have cookies, my app will redirect him to Github temporarily to enter his credentials.
I want to add the functionality that if the app has to redirect the user to Github, do so in a new window. Is this possible?
In the passport-github example this function is called, but apparently I can't run any code when this happens?
// GET /auth/github
// Use passport.authenticate() as route m function(req,res)iddleware to authenticate the
// request. The first step in GitHub authentication will involve redirecting
// the user to github.com. After authorization, GitHubwill redirect the user
// back to this application at /auth/github/callback
app.get('/auth/github',
passport.authenticate('github'),
function(req, res){
// The request will be redirected to GitHub for authentication, so this
// function will not be called.
});
Why would you want to have the user redirect in a different window? Doesn't the GitHub auth send the user back to your application via a redirect?
Maybe try:
window.open('/auth/github')
Related
i tried to create (my first) login page, i did communication between client and server with WebSocket in JS, it check credentials of user (Token that makes you login to page). Only thing that i can't figure out is how to redirect user to other page, with sure that, he will be logged into this account and to protect from not authorized users. (server -> (JS) nodemon, client -> JS, HTML, CSS)
I expect that someone will make this topic clear to me, and explain how to code it :)
I'm also new to js. but I thing the way you can do this
by using window.location.href = "homepage.html"
steps
create a homepage.html file
on successful login attempt redirect user to hompage.html file by window.location.href = "homepage.html"
on homepage load you will check if user's valid token is saved or not( or by whatever method you are authenticating a user)
if user is authenticated user then show him homepage's content otherwise redirect him ho login.html page.( will be used to prevent if user trys to access homepage.html directly by entering url in search bar)
I hope this answers your question. :)
window.location.href = "/";
I have used Msal.js for login to microsoft account inorder to call microsoft graph api.
On local everything is working fine but after deployment on production, login is happening but again a login popup is opening up , and my web application is not redirected to home page.
My redirect uri is : "http://localhost:8080/"
I am using node.js to create the localhost server.
My config.js file is -
const msalConfig = {
auth: {
clientId: 'cbd4ec69-c747-4592-ae78-7d8d680d0428',
redirectUri: 'http://localhost:8080/'
}
};
const msalRequest = {
scopes: [
'user.read',
'Files.Read',
'Files.Read.All',
'Files.ReadWrite',
'Files.ReadWrite.All'
]
}
I need to deploy my application on prod, i have made the whole application and now only this thing is not working.
One of the workaround we can follow to resolve the above issue,
Make sure that the port you are using its been updated in server.js with your preferred port number in redirect uri.
We can follow the below given MS DOC and use the sample code.
The sample code will work like, When a user initially clicks the Sign In button, the signIn method invokes the loginPopup function to sign the user in. The loginPopup method prompts and validates the user's credentials by opening a pop-up window with the Microsoft identity platform endpoint. Msal.js starts the authorization code flow after a successful sign-in.
For complete setup please refer this MICROSOFT DOCUMENTATION|Sign in users and call the Microsoft Graph API from a JavaScript .
I'm using Laravel and Vue in an SPA and am integrating my app with another app. The second app has my app in an iframe. However, once my app is loaded in their iframe and a user is authenticated, I would like the user to have the option to open my app outside of the iframe by clicking on a button. After authenticating the user on my server, my plan was to send the JWT back to the client and then log in the user with the token (this is while my app is within the other app's iframe):
await this.$store.dispatch('auth/saveToken', {
token: token
})
If I refresh the page within the iframe, then the user is logged in, so I know that this is working.
However, when I try to open in a new tab:
let route = this.$router.resolve({ path: this.url })
window.open(route.href)
the user is logged out.
Am I missing a step so that the user will stay logged in even if the app opens in a new tab and outside of the original iframe?
i think because of change browser, because iframe is different or you app is different, so you have to manage token for login if it's come on new browser, and you are not able to get token after store in vuex you need to pass in url or any other way.
I'm creating some node.js webdriverio tests. When I connect to any of my sites, there's a check for the presence of a ssosession cookie (among others) to confirm user has access to the page. If it's not there, the browser immediately redirects to our login page. I need to capture the resulting cookies from a successful login and use them to load the pages I want to test.
In curl, I do that like this:
curl -H"Content-type: application/json" --user-agent "MyTestAgent" --cookie-jar cookiefile -o - --data-ascii "{\"user_id\": \"username\", \"user_secret\": \"password\"}" -X POST https://loginpage.net
Then:
curl -H"Content-type: application/json" --user-agent "MyTestAgent" --cookie cookiefile - --cookie-jar cookiefile -o - https://testpage.net
Currently in my code, when I hit the url of the page I intend to test it immediately redirects to the login page, I enter the login credentials and it logs in successfully. I then dump the cookies out to console and they're not updated. The ssosession stuff isn't there (yet?). If I console.log the ssosession alone, it's null. If I console.log all the cookies, they're the same as if I just grabbed the cookies from the login page without signing in. None of the SSO stuff is present.
describe('testpage.net page', function () {
it('should login', function () {
browser.url('https://testpage.net');
//this immediately redirects to https://loginpage.net
browser.setValue('#userid','noone#nowhere.net');
browser.setValue('#passwd','S3cr3tP4ssw0rd');
browser.submitForm('#login');
console.log(browser.getCookie('ssosession'));
//returns null
console.log(browser.getCookie());
//returns cookies that existed prior to login success
});
});
I need a means to grab the post login success cookies, store them locally equivalent to curls cookiejar and use them in subsequent tests. I've been beating my head up against a wall trying to figure out how this is done. This is an internal site that has very dated authentication method, but I need to write test automation for it's gui. Once over this particular hurdle, it should be easy to do that. Suggestions greatly appreciated!
I had the same problem and found a workaround solution.
let's say we have two domains: sso.example.com and application.example.com
After successful login, I open a new popup window with a url of the SSO, and grab the cookies from this popup, and store them to a file.
when the test script starts I am just injecting the cookies and everything works perfect :-)
// login just ended, you are at "application.example.com/sessioned-url"
// ...
// post login code, save cookies to file
await saveCookies(browser);
//open popup with sso.example.com (any url of this subdomain is OK even favicon or 404 becasue the cookies will be available)
await browser.newWindow("https://sso.example.com", {
windowName: "WebdriverIO window",
windowFeature: "width=1,height=1,resizable,scrollbars=yes,status=1",
});
const handles = await browser.getWindowHandles();
//move to the new window the SSO url
await browser.switchToWindow(handles[1]);
// save the SSO cookies (make sure to add the cookies to a file, NOT override it)
await saveCookies(browser);
//close popup and go back to "application.example.com/sessioned-url" window...
await browser.closeWindow();
await browser.switchToWindow(handles[0]);
when starting a new session:
// inject cookies of both domains
await injectCookies(browser);
// main window, will goto url without forcing login
await browser.url("application.example.com/sessioned-url");
hope it will help anyone in the long future :-)
I'm using Dropbox JavaScript SDK and authenticating the user so I'd get an oauth token. The problem is that when using the client.authenticate(), the user gets redirected to Dropbox instead of a popup. How can it be changed to a popup instead?
See https://github.com/dropbox/dropbox-js/blob/stable/guides/builtin_drivers.md.
client.authDriver(new Dropbox.AuthDriver.Popup({
receiverUrl: "https://url.to/oauth_receiver.html"}));
and run this in your oauth_receiver.html:
Dropbox.AuthDriver.Popup.oauthReceiver();