Very WIP feat(passportjs): example using passport #2210
Conversation
| @@ -8,7 +8,6 @@ if (process.env.NEW_RELIC_LICENSE_KEY) { | |||
|
|
|||
| const compression = require('compression') | |||
| const cookieParser = require('cookie-parser') | |||
| const cookieSession = require('cookie-session') | |||
There was a problem hiding this comment.
express vs cookieSession:
express session seems more storage agnostic? Its used by several examples; not sure that examples couldn't be adapted to use what we already have, though
There was a problem hiding this comment.
cookie-session was definitely in the example usage in the past. If this had changed in more recent years, we can consider updating (in a separate PR)
| @@ -199,6 +238,7 @@ app.get('/terms-of-service', (req, res) => res.render('tos')) | |||
| // API routes | |||
| app.use('', apiRoutes) | |||
| app.use('', serviceRoutes) | |||
| app.use('/', authRouter) | |||
There was a problem hiding this comment.
pretty temporary, though I'd also like to learn more about the way our current implementation of routes differs from many express examples I've seen. not a problem to conform to what we have already, though.
There was a problem hiding this comment.
The general rule of thumb is that our implementation may differ from current examples because the conventions change over time. We are not necessarily following every convention change closely, and updating them to match. This is especially true when old patterns are not explicitly deprecated, or if we don't have good reasons (beyond style) to change.
| @@ -0,0 +1,63 @@ | |||
| var express = require('express') | |||
There was a problem hiding this comment.
this is 'boilerplate' but basically where the redirect happens.
at the moment, this goes to the auth0 login default, and so in effect isn't much different than #2035
I'd like to play around with this more to see if we can use passport with auth0 but wrapped around our existing login embed form.
The advantage here might be more when we want to add additional providers like coil, etc. We have a pattern or strategy to follow.
| @@ -34,6 +38,43 @@ compileSVGSprites( | |||
| 'image' | |||
| ) | |||
|
|
|||
| // config express-session | |||
| const theSession = { | |||
| secret: '72a1e6ba625661ee10dfd9610abb5499acc276da06375e56ed2d3789d0aa11ae', | |||
There was a problem hiding this comment.
this is, i think, a locally generated token so I don't know if it needs to not be committed like other secrets
|
Not really. It was my first stab at getting passport to work with auth0 in order to add support for username password login |
Codecov Report
@@ Coverage Diff @@
## main #2210 +/- ##
==========================================
- Coverage 47.81% 47.63% -0.18%
==========================================
Files 267 268 +1
Lines 9002 9036 +34
Branches 2173 2178 +5
==========================================
Hits 4304 4304
- Misses 4209 4238 +29
- Partials 489 494 +5
Continue to review full report at Codecov.
|
No description provided.