Reputation: 1001
I have created a Facebook app, and it was used only by me. Now I have made it live, but nobody other than me is able to log in.
They get the following error:
    FacebookTokenError: This authorization code has been used.
        at Strategy.parseErrorResponse (/var/www/html/project/node_modules/passport-facebook/lib/strategy.js:199:12)
        at Strategy.OAuth2Strategy._createOAuthError (/var/www/html/project/node_modules/passport-facebook/node_modules/passport-oauth2/lib/strategy.js:345:16)
        at /var/www/html/project/node_modules/passport-facebook/node_modules/passport-oauth2/lib/strategy.js:171:43
        at /var/www/html/project/node_modules/passport-facebook/node_modules/passport-oauth2/node_modules/oauth/lib/oauth2.js:177:18
        at passBackControl (/var/www/html/project/node_modules/passport-facebook/node_modules/passport-oauth2/node_modules/oauth/lib/oauth2.js:123:9)
        at IncomingMessage.<anonymous> (/var/www/html/project/node_modules/passport-facebook/node_modules/passport-oauth2/node_modules/oauth/lib/oauth2.js:143:7)
        at IncomingMessage.EventEmitter.emit (events.js:117:20)
        at _stream_readable.js:920:16
        at process._tickCallback (node.js:415:13)
What could be the issue here? The app is live.
Upvotes: 1
Views: 2475
Reputation: 588
You need to call done() inside of your FacebookStrategy callback. For testing you could just do:
    function(accessToken, refreshToken, profile, done) {
        console.log("Auth done");
        done(null, profile);
    }
You can find a reference here: https://github.com/jaredhanson/passport/issues/108
Upvotes: 1
Reputation: 2148
I have a REST API in Express that uses a sessionless Facebook login using the info from Jeroen Pelgrims. What it does is:
1. Login with Facebook Strategy
2. Save token and info in user database
3. Use that token for Bearer login
What passport-facebook authenticate uses in the callback page is this: passport.authenticate('strategy', options, user, error)
The behavior is correctly throwing that error! As @jsilveira said in the comments, the error happens if a user logs in twice...
My answer is very simple: I catch the error... Read on, there is a but...
    // route for facebook authentication and login
    router.get('/auth/facebook',
        passport.authenticate('facebook', { session: false, scope: ['email'] })
    );
    // handle the callback after facebook has authenticated the user
    router.get('/auth/facebook/callback',
        passport.authenticate('facebook', { session: false, failureRedirect: '/' }),
        // on success
        function(req, res) {
            // return the token or, if you prefer, give e.g. a success message
            res.render('json', { data: JSON.stringify(req.user.access_token) });
        },
        // on error; likely to be a FacebookTokenError: token invalid or token already used,
        // these errors occur when the user logs in twice with the same token
        function(err, req, res, next) {
            // You could put your own behavior in here, e.g. you could force auth again...
            // res.redirect('/auth/facebook/');
            if (err) {
                res.status(400);
                res.render('error', { message: err.message });
            }
        }
    );
But if you guys want it to just log in/authorize again, you could insert a callback or redirect in the error part.
Hope this clarifies some issues you guys are having. If you by any chance have questions or requests, don't be shy. Info is on my profile.
PS: stackoverflow.com has an answer for re-auth; it goes like this:
    app.post('/login', function(req, res, next) {
        passport.authenticate('local', function(err, user, info) {
            if (err) {
                return next(err); // will generate a 500 error
            }
            // Generate a JSON response reflecting authentication status
            if (!user) {
                return res.send({ success: false, message: 'authentication failed' });
            }
            return res.send({ success: true, message: 'authentication succeeded' });
        })(req, res, next);
    });
Upvotes: 1
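The double-delivery case described in the answer above, as an added example (not code from any answer on this page or from passport-facebook): an authorization code is single-use, so this guard remembers a digest of each code seen on the callback route and restarts the flow instead of exchanging a repeated one. createCodeReplayGuard, simulate, the time window and the in-memory Map are assumptions made for illustration.

```javascript
const crypto = require('crypto');

// Added example. Assumptions: a single Node process (use a shared store such as
// Redis behind a load balancer), a 10-minute memory window, and the
// '/auth/facebook' start route from the answer above.
function createCodeReplayGuard({ ttlMs = 10 * 60 * 1000, restartPath = '/auth/facebook', now = Date.now } = {}) {
  const seen = new Map(); // sha256(code) -> expiry time in ms

  // Keep a digest rather than the raw code so the stored value cannot be redeemed.
  const fingerprint = (code) => crypto.createHash('sha256').update(code).digest('hex');

  return function codeReplayGuard(req, res, next) {
    const code = req.query && req.query.code;
    if (typeof code !== 'string' || code.length === 0) {
      return next(); // no code (e.g. consent denied): leave it to the strategy
    }
    const t = now();
    for (const [key, expiry] of seen) {
      if (expiry <= t) seen.delete(key); // drop entries past the window
    }
    const key = fingerprint(code);
    if (seen.has(key)) {
      // Same callback delivered again: a second exchange can only fail, so
      // start a fresh authorization request instead.
      return res.redirect(restartPath);
    }
    seen.set(key, t + ttlMs);
    return next();
  };
}

// Mounting (Express and passport assumed, as in the answer above):
//   router.get('/auth/facebook/callback', createCodeReplayGuard(),
//     passport.authenticate('facebook', { session: false }), onSuccess, onError);

// Constructed request/response doubles so the guard can be run without Express.
function simulate(guard, query) {
  const outcome = { next: false, redirect: null };
  guard({ query }, { redirect: (url) => { outcome.redirect = url; } }, () => { outcome.next = true; });
  return outcome;
}
```

The guard only covers repeated delivery of the same callback; errors returned for other reasons still reach the route's error handler.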
Reputation: 2204
Looks like you are not the only one:
Look here
They offer several solutions.
Anyway - if you really want a solution you will have to paste your code here.
Upvotes: 0
Reputation: 4943
I stumbled across this thread: https://github.com/jaredhanson/passport-facebook/issues/93
General consensus seems to be that jdomingo's solution is working for people. His solution involves enabling enableProof in the strategy:
    passport.use(new FacebookStrategy({
        clientID: ---,
        clientSecret: ---,
        callbackURL: "http://---/auth/facebook/callback",
        enableProof: true
    }
jdomingo provides some further explanation on why this helps. FWIW, I've not actually tried this myself.
Upvotes: 0