caxinaswin

passport-google-oauth20 redirect and replace history

I have set up a simple authentication flow with Google using passport-google-oauth20.

Basically, I added a separate file to handle the initial configuration, as shown below:

const GoogleStrategy = require('passport-google-oauth20').Strategy;
const crypto = require('crypto');

module.exports = (passport) => {
  passport.use(
    new GoogleStrategy(
      {
        clientID: 'clientId',
        clientSecret: 'clientSecret',
        callbackURL: 'http://localhost:8080/api/auth/google/callback',
      },
      async (accessToken, refreshToken, profile, done) => {
        const email = profile.emails[0].value;
        let username = profile.emails[0].value;

        const randomNumbers = crypto.randomInt(5);

        if (profile.displayName) {
          username = `${profile.displayName.replace(
            /\s+/g,
            '',
          )}${randomNumbers}`;
        }

        const user = { email, username, googleId: profile.id };
        return done(null, user);
      },
    ),
  );
};

Then I have the Google GET request and callback, as shown below:

router.get(
  '/google',
  passport.authenticate('google', {
    session: false,
    scope: ['profile', 'email'],
    prompt: 'select_account',
  }),
);

router.get(
  '/google/callback',
  passport.authenticate('google', {
    session: false,
    failureRedirect: process.env.DOMAIN,
  }),
  async (req, res) => {
    console.log('here');
    const { email, username, googleId } = req.user;

    const queryCondition = {
      where: Sequelize.or({ username }, { email }),
      defaults: {
        email,
        username,
        googleId,
      },
    };

    const [user, _] = await User.findOrCreate(queryCondition);

    if (user) {
      getJwtTokens(res, user.id);
    }

    res.redirect(303, process.env.DOMAIN);
  },
);

Everything works fine, except the last line. I am trying to return a 303 in order to see if the history of the browser is overwritten. But I still always get a 200 response. When I reach the frontend I am not able to delete the history. So the goal is to not allow the user to navigate back. But even if I try to return it with a different status code, I always get a 200. Does anyone know what is wrong with my code?

Thanks!

Upvotes: 0

Views: 45
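
Added example, not part of the original post and not the poster's application: a client that follows redirects reports the status of the page it lands on, so the 303 is only visible on the raw, unfollowed response. The local server, its /callback and / routes, and the function names are constructed for illustration; Node 18+ is assumed for the global fetch.

```javascript
// Constructed local server: /callback answers 303 like the question's
// handler, / stands in for the frontend landing page.
async function startServer() {
  const http = await import('node:http');
  const server = http.createServer((req, res) => {
    if (req.url.startsWith('/callback')) {
      // Status and Location header as sent by res.redirect(303, '/')
      res.writeHead(303, { Location: '/', Connection: 'close' });
      return res.end();
    }
    res.writeHead(200, { 'Content-Type': 'text/plain', Connection: 'close' });
    res.end('landing page');
  });
  await new Promise((resolve) => server.listen(0, '127.0.0.1', resolve));
  return { http, server, base: `http://127.0.0.1:${server.address().port}` };
}

// node:http never follows redirects, so this is the status actually sent.
function rawResponse(http, url) {
  return new Promise((resolve, reject) => {
    http.get(url, (res) => {
      res.resume(); // discard the body
      resolve({ status: res.statusCode, location: res.headers.location });
    }).on('error', reject);
  });
}

async function observeRedirect() {
  const { http, server, base } = await startServer();
  try {
    const raw = await rawResponse(http, `${base}/callback`);
    // fetch follows redirects by default and exposes only the final response.
    const followed = await fetch(`${base}/callback`);
    await followed.text();
    return {
      rawStatus: raw.status,
      rawLocation: raw.location,
      followedStatus: followed.status,
      followedWasRedirected: followed.redirected,
      finalPath: new URL(followed.url).pathname,
    };
  } finally {
    server.closeAllConnections?.(); // Node 18.2+; drop any idle sockets
    server.close();
  }
}

observeRedirect().then((result) => console.log(result));
```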

Answers (0)