使用Express和everyauth有条件地对Google OAuth2进行身份验证
我正在尝试将 everyauth 与 Google OAuth2 一起使用,并且只希望当 Google 返回的用户属于我公司的 Google Apps 域时,身份验证才算成功。我不知道如何根据 findOrCreateUser 的参数优雅地中止身份验证。标签:express, connect, everyauth
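# Question code: an Express app that signs users in with Google OAuth2 through
# everyauth. Indentation is restored so the chained calls parse as CoffeeScript.
express = require "express"
everyauth = require "everyauth"

# The session secret signs the session cookie, so it must not be a literal in
# the source. SESSION_SECRET is a name chosen for this example; refuse to start
# without it.
sessionSecret = process.env.SESSION_SECRET
throw new Error "SESSION_SECRET must be set" unless sessionSecret

app = express()
nextUserId = 0
usersById = {}

# NOTE(review): this route answers every request without checking whether the
# caller is logged in.
app.get "/", (req, res) ->
  res.send "Secret"

# Resolves the user id stored in the session back to a user record.
everyauth.everymodule
  .findUserById (id, callback) ->
    callback null, usersById[id]

everyauth.google
  .appId(process.env.GOOGLE_CLIENT_ID)
  .appSecret(process.env.GOOGLE_CLIENT_SECRET)
  .scope("...")
  .redirectPath("/")
  .findOrCreateUser (session, token, extra, googleUser) ->
    # I want to abort authentication if googleUser.email != foo
    # Redirecting to /unauthorized would be awesome but I don't know how
    # NOTE(review): as written, every Google account that completes the OAuth
    # flow is stored and accepted; nothing restricts the e-mail domain yet.
    googleUser.id = nextUserId++
    usersById[googleUser.id] = googleUser

# NOTE(review): these middleware are registered after the route above. Express
# runs handlers in registration order, so confirm the session is available
# where it is needed.
app.use express.cookieParser()
app.use express.session { secret: sessionSecret }
app.use everyauth.middleware()
app.listen process.env.PORT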
下面的代码可以实现您想要的效果,请参考其中的写法。请注意,代码顺序很重要:我必须把 app.use 调用移到文件中靠后的位置,会话才能正常工作。
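# Express + everyauth example that accepts a Google login only when the
# account's e-mail address belongs to one allowed domain, and redirects every
# other account to /failure.
express = require "express"
everyauth = require "everyauth"
util = require "util"

# Secrets and policy come from the environment rather than literals in the
# source. SESSION_SECRET and ALLOWED_EMAIL_DOMAIN are names chosen for this
# example; the app refuses to start without them, so a missing setting can
# never turn into "accept everyone".
sessionSecret = process.env.SESSION_SECRET
allowedDomain = (process.env.ALLOWED_EMAIL_DOMAIN or "").toLowerCase()
throw new Error "SESSION_SECRET must be set" unless sessionSecret
throw new Error "ALLOWED_EMAIL_DOMAIN must be set" unless allowedDomain

nextUserId = 0
usersById = {}

# Escapes the characters that are significant in HTML so a profile value can be
# placed in a response body as text.
escapeHtml = (value) ->
  String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;")

# Returns true only for a profile whose verified e-mail address is in the
# allowed domain. Anything unexpected (missing e-mail, unverified address,
# other domain) is rejected: the check is an allowlist, not a denylist.
isAllowedUser = (googleUser) ->
  email = googleUser?.email
  return false unless typeof email is "string"
  # verified_email is part of Google's userinfo response; confirm it is present
  # in the profile everyauth passes here. If it is absent, the login is rejected.
  return false unless googleUser.verified_email is true
  at = email.lastIndexOf "@"
  return false if at < 1
  # Compare the whole domain part. A suffix test on the full address would also
  # accept look-alike domains that merely end with the allowed name.
  # For Google Workspace accounts the `hd` (hosted domain) value is a more
  # direct signal; check it as well if the profile includes it.
  email.slice(at + 1).toLowerCase() is allowedDomain

# Resolves the user id stored in the session back to a user record.
everyauth.everymodule
  .findUserById (req, id, callback) ->
    callback(null, usersById[id])

everyauth.google
  .appId(process.env.GOOGLE_CLIENT_ID)
  .appSecret(process.env.GOOGLE_CLIENT_SECRET)
  .scope("https://www.googleapis.com/auth/userinfo.email")
  .redirectPath("/")
  .findOrCreateUser (session, token, extra, googleUser) ->
    #console.log(util.inspect(googleUser))
    # Returning null leaves data.user unset, which sendResponse below turns
    # into a redirect to /failure.
    return null unless isAllowedUser googleUser
    usersById[googleUser.id] = googleUser
  .sendResponse (res, data) ->
    return this.redirect(res, '/failure') unless data.user
    this.redirect(res, "/")

app = express()
app.use express.bodyParser()
app.use express.cookieParser()
app.use express.session({secret: sessionSecret})
app.use everyauth.middleware()

app.get "/", (req, res) ->
  if req.loggedIn
    # The address comes from an external profile, so it is escaped before it is
    # placed into HTML.
    res.send "You are logged in as #{escapeHtml req.user.email}. Click <a href='/logout'>here to logout</a>"
  else
    res.send "click <a href='/auth/google'>here to login</a>"

app.get "/failure", (req, res) ->
  # clear the login stuff from the session since we went through auth
  # but didn't set a user object. This makes req.loggedIn return false.
  req.logout()
  res.send "Victory has defeated you."

app.listen process.env.PORT
console.log('listening on ', process.env.PORT)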
下面的代码可以实现您想要的效果,请参考其中的写法。请注意,代码顺序很重要:我必须把 app.use 调用移到文件中靠后的位置,会话才能正常工作。
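# Express + everyauth example that accepts a Google login only when the
# account's e-mail address belongs to one allowed domain, and redirects every
# other account to /failure.
express = require "express"
everyauth = require "everyauth"
util = require "util"

# Secrets and policy come from the environment rather than literals in the
# source. SESSION_SECRET and ALLOWED_EMAIL_DOMAIN are names chosen for this
# example; the app refuses to start without them, so a missing setting can
# never turn into "accept everyone".
sessionSecret = process.env.SESSION_SECRET
allowedDomain = (process.env.ALLOWED_EMAIL_DOMAIN or "").toLowerCase()
throw new Error "SESSION_SECRET must be set" unless sessionSecret
throw new Error "ALLOWED_EMAIL_DOMAIN must be set" unless allowedDomain

nextUserId = 0
usersById = {}

# Escapes the characters that are significant in HTML so a profile value can be
# placed in a response body as text.
escapeHtml = (value) ->
  String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;")

# Returns true only for a profile whose verified e-mail address is in the
# allowed domain. Anything unexpected (missing e-mail, unverified address,
# other domain) is rejected: the check is an allowlist, not a denylist.
isAllowedUser = (googleUser) ->
  email = googleUser?.email
  return false unless typeof email is "string"
  # verified_email is part of Google's userinfo response; confirm it is present
  # in the profile everyauth passes here. If it is absent, the login is rejected.
  return false unless googleUser.verified_email is true
  at = email.lastIndexOf "@"
  return false if at < 1
  # Compare the whole domain part. A suffix test on the full address would also
  # accept look-alike domains that merely end with the allowed name.
  # For Google Workspace accounts the `hd` (hosted domain) value is a more
  # direct signal; check it as well if the profile includes it.
  email.slice(at + 1).toLowerCase() is allowedDomain

# Resolves the user id stored in the session back to a user record.
everyauth.everymodule
  .findUserById (req, id, callback) ->
    callback(null, usersById[id])

everyauth.google
  .appId(process.env.GOOGLE_CLIENT_ID)
  .appSecret(process.env.GOOGLE_CLIENT_SECRET)
  .scope("https://www.googleapis.com/auth/userinfo.email")
  .redirectPath("/")
  .findOrCreateUser (session, token, extra, googleUser) ->
    #console.log(util.inspect(googleUser))
    # Returning null leaves data.user unset, which sendResponse below turns
    # into a redirect to /failure.
    return null unless isAllowedUser googleUser
    usersById[googleUser.id] = googleUser
  .sendResponse (res, data) ->
    return this.redirect(res, '/failure') unless data.user
    this.redirect(res, "/")

app = express()
app.use express.bodyParser()
app.use express.cookieParser()
app.use express.session({secret: sessionSecret})
app.use everyauth.middleware()

app.get "/", (req, res) ->
  if req.loggedIn
    # The address comes from an external profile, so it is escaped before it is
    # placed into HTML.
    res.send "You are logged in as #{escapeHtml req.user.email}. Click <a href='/logout'>here to logout</a>"
  else
    res.send "click <a href='/auth/google'>here to login</a>"

app.get "/failure", (req, res) ->
  # clear the login stuff from the session since we went through auth
  # but didn't set a user object. This makes req.loggedIn return false.
  req.logout()
  res.send "Victory has defeated you."

app.listen process.env.PORT
console.log('listening on ', process.env.PORT)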