Comments (5)
Hello there! Here are the answers:
- You should check out the auth.module where we have consumer.apply(middlewares).forRoutes(routes) to apply a middleware before a route handler is reached and the strategies are simply middlewares. In a middleware you can manipulate the request and response so a given strategy acquires the profile information from fb/twitter/google, saves it to the db and attaches the user profile to request.user
- I remember I watched a video about facebook authentication with passport in which the author recommended using passport-facebook-token so there you have it
- I havent really got to this yet
- If you're talking about the function middleware, as far as I remember it didnt work using a nest middleware so I just used the function one and left it like this.. You can try using the nest one and see for yourself
- The project needs to be updated to use the latest nest features.. At the time I remember there was only class validator examples and I got it working but the error messages were not as descriptive as joi's so basically that was the whole purpose
I hope I've answered sufficiently.. As mentioned, I have to update the project as soon as possible so I shall get onto it as soon as I got time.. You should read further and decide for yourself, I'm not someone with much of experience.. I explored different projects around github and medium articles about the technologies I cared about and found a way to combine them together so if you could improve it just go for it.. Regards
from nest-angular.
Thanks for the reply! That is very helpful info.
For item 1: Thanks, I had not noticed the authenticate call there - that makes sense now.
Just sharing for your interest... there, i think, still something unusual about the auth.service.ts implementation. In most examples I have seen, the passport.authenticate is for two separate routes on social login. In your case you call it once, and then do a lot of heavy-lifting still in the async facebookSignIn
method, that I think passport will do for you.
For an example, see this tutorial - one of the better ones that I have seen: https://scotch.io/tutorials/easy-node-authentication-facebook, and look at the following code:
// route for facebook authentication and login
app.get('/auth/facebook', passport.authenticate('facebook', {
scope : ['public_profile', 'email']
}));
// handle the callback after facebook has authenticated the user
app.get('/auth/facebook/callback',
passport.authenticate('facebook', {
successRedirect : '/profile',
failureRedirect : '/'
}));
I hope that is of some use... or if I am understanding it wrong, that would be good to know too.
I am looking forward to seeing this project progress. It seems like some great work.
Thanks
from nest-angular.
I'm not 100% sure but I think the way you suggest is used with passport-facebook, not passport-facebook-token.. What happens in facebookSignIn is we construct a url to obtain an access token for the user and then manually invoke the passport-facebook-token strategy by sending a request to our local endpoint (passport-facebook-token needs to have access_token provided)
from nest-angular.
OK, thanks for the clarification.
With regards to my initial passport-facebook vs passport-facebook-token question: I did some further reading, and asked (and answered) a Stack Overflow question about it. I beleive that, for your use case, it may be worth switching to the facebook-passport strategy for additional security.
I am going to have a go implementing passport-facebook in my nestjs project, and would be happy to share if I make progress with it, in case of any benefit for you.
Thanks again for taking the time to answer my questions.
from nest-angular.
I wish all the conversations on open-source projects are as polite as this.
from nest-angular.
Related Issues (10)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nest-angular.