Hello,
I followed the quick start guide for node js regular web app but the authentication fails.
I’m using this code in my index.js :
// Perform the login, after login Auth0 will redirect to callback
router.get('/login', passport.authenticate('auth0', {
scope: 'openid profile email'
}), function (req, res) {
res.redirect('/');
});
// Perform the Callback
router.get('/callback', function (req, res, next) {
passport.authenticate('auth0', function (err, user, info) {
if (err) { return next(err); }
if (!user) { return res.redirect('/login'); }
req.logIn(user, function (err) {
if (err) { return next(err); }
const returnTo = req.session.returnTo;
delete req.session.returnTo;
res.redirect(returnTo || '/user');
});
})(req, res, next);
});
When I try to authenticate, the web console shows that the browser keeps on looping from login page to callback page. As far as I understood, it means that the callback return no user so it redirect to the login page which redirect to the callback page.
If I change the redirection for another page (not secured), the callback redirect to this page but, of course, the user is undefined…
The weird thing is that when I go to the log page in the dashboard, I can see that my login attempts are considered as success (!).
My app.js is strictly identical to the one provided in the quick start guide.
Any help would be appreciate
Edit :
I have just tried to upload the sample app in my web server and the result is the same : eternal loop between login and callback
It must be a misconfiguration in my tenant or in my application (in the dashboard) but I don’t see where
Edit N°2 :
I have tried my code on local (localhost) and it works !!
-
The configuration in auth0 dashboard is the same for the local and the remote
-
The code is the same on both sides
The only explanation is that my host (OVH) has a ‘special’ configuration.
Does anyone has already experience this?
Edit N°3 :
Finally, the authentication works, partially…
I found a solution that consist to add state: false
in my strategy (app.js).
In the callback function, this part: if (!user) { return res.redirect('/login'); }
is not “true” anymore, so I get the user!
BUT, of course there is a “BUT” , this part: res.redirect(returnTo || '/user');
redirect to the user page WITHOUT any user data!!
My user routeur doesn’t get the user data: const { _raw, _json, ...userProfile } = req.user;
return: Cannot destructure property '_raw' of 'undefined' or 'null'.
I don’t understand why!!
HELP, please!