Neil188
commented
2 years ago Having the same problem since updating from v0.5.3. I believe this is down to change a77271f55f045bd4fd2578a953256406b3621721 - authentice.js uses req.session.returnTo to redirect back to whatever page the user was visiting. But now sessionmanager.js is using req.session.regenerate - resulting in the returnTo property being lost, hence no redirect.
A workaround is to use options.keepSessionInfo to retain the session info:
passport.authenticate('oauth2', {
successReturnToOrRedirect: '/home',
failureRedirect: '/sign-in',
keepSessionInfo: true
})though this feels like it defeats the purpose of regenerating the session, when all we want to keep is the returnTo value.
Plus, if you are using Typescript keepSessionInfo isn't included in @types/passport
ashishth09
sbsamaro
brookback
const router = require('express').Router() const User = require('../models/user.model') const { body, validationResult } = require('express-validator') const passport = require('passport')
router.get('/login', ensureNotAuthenticated, async(req, res, next) => { res.render('login') }) router.post('/login', ensureNotAuthenticated, passport.authenticate('local', { successReturnToOrRedirect: '/', failureRedirect: "/auth/login", failureFlash: true }))
if for example a user tries to access a protected route, say 'auth/profile', he gets redirected to the log in page, but on successfully logging in, he gets redirected to the route specified in 'successReturnToOrRedirect'. I was using passport 0.4.1 and there, it redirected back to the previous protected route after the user has successfully logged in