Hi, everyone.
I’ve seen some topics asking about how to send additional info on the profile page or how to add a custom registration rule, but I’m not sure if one is exactly like mine that’s already there, so I’ve made this new topic. What I want to do is to include a user’s checked out books, if they have any not returned to the library, on their profile page.
I’m building a library management app, implemented using the MERN stack, and I’m trying to use Auth0 for the authentication functionality for the app.
So how can I do this? Any help is appreciated. Thanks in advance.
This is the code I have now:
const { auth, requiresAuth } = require("express-openid-connect");
const config = {
authRequired: false,
auth0Logout: true,
baseURL: "http://localhost:4000",
clientID: "mdV8FknwltoSTAlnpz5mWDXXFv1AJlDv",
issuerBaseURL: "https://dev-t05enzg7vge6ltlg.us.auth0.com"
};
// auth router attaches /login, /logout, and /callback routes to the baseURL
app.use(auth(config));
app.use(cors());
app.get("/login", (req, res) => {
});
// req.isAuthenticated is provided from the auth router
app.get("/", (req, res) => {
res.send(req.oidc.isAuthenticated() ? "Logged in" : "Logged out");
});
app.get("/profile", requiresAuth(), (req, res) => {
res.send(JSON.stringify(req.oidc.user));
});
I also need to know how to handle the login and logout routes in my app. Is what I have for req.oidc.isAuthenticated() supposed to be the route for login? I’m trying to read the documentation but might need some help with that too.
This is my current code:
const express = require("express");
const app = express();
const dotenv = require("dotenv");
dotenv.config({ path: `${__dirname}/.env` });
const MONGO_URI = process.env.MONGO_URI;
const mongoose = require("mongoose");
const cors = require("cors");
const bodyParser = require("body-parser");
const PORT = process.env.PORT || 4000;
const router = require("./routes/index");
const { auth, requiresAuth } = require("express-openid-connect");
const https = require("https");
const fs = require("fs");
app.use(cors());
app.use(bodyParser.urlencoded({ extended: false }));
app.use("/api", router);
mongoose.connect(MONGO_URI);
mongoose.connection.once("open", () => console.log("Connected to the Database"));
mongoose.connection.on("error", error => console.log(`Mongoose Connection Error: ${error}`));
const httpsServer = https.createServer({
key: fs.readFileSync("server.key"),
cert: fs.readFileSync("server.cert"),
app
});
const config = {
authRequired: false,
auth0Logout: true,
baseURL: "https://localhost:4000",
clientID: "mdV8FknwltoSTAlnpz5mWDXXFv1AJlDv",
issuerBaseURL: "https://dev-t05enzg7vge6ltlg.us.auth0.com",
secret: `${process.env.CLIENT_SECRET}`
};
// auth router attaches /login, /logout, and /callback routes to the baseURL
app.use(auth(config));
// req.isAuthenticated is provided from the auth router
app.get("/", (req, res) => {
res.send(req.oidc.isAuthenticated() ? "Logged in" : "Logged out");
});
app.get("/profile", requiresAuth(), (req, res) => {
res.send(JSON.stringify(req.oidc.user));
});
app.post("/dbconnections/signup", (req, res) => {
});
httpsServer.listen(PORT, () => console.log(`Server listening over HTTPS on port ${PORT}`));
It’d be greatly appreciated if someone could help me out with the login, logout and registration stuff. For both username and password, and third-party login flows.
And do I need to store the user’s name, username and password, even if that user logged in using third-party IDP like Google or GitHub? Do I need to write a check for this?
And would it be correct to assume that profile page customization can also be achieved by profile endpoint customization?
Edit: Actually, never mind. I’ll just go with passport.js instead because it seems easier for me.