search

trailsjs / sails-auth

Passport-based User Authentication system for sails.js applications. Designed to work well with the sails-permissions module.
https://www.npmjs.org/package/sails-auth
MIT License
266 stars 141 forks source link

Using dropbox-oauth2 #64

Open peerbolte opened 9 years ago

peerbolte commented 9 years ago

So this had me confused for a little while. I'm was trying to use passport-dropbox-oauth2 to login, but ran into multiple issues. I had created the following object in config/passport.js

_.merge(exports, {
    passport:{
        dropbox:{
            name: 'Dropbox',
            protocol: 'oauth2',
            strategy: require('passport-dropbox-oauth2').Strategy,
            options: {
                clientID: 'xxx',
                clientSecret: 'xxx',
                callbackURL: '/auth/dropbox/callback' 
            }
        }
    }
});

this gave the following error:

Error: Unknown authentication strategy "dropbox"

Apparently sails-auth is using the key value of the object (in this case "dropbox") to find the right passport. However the passport is called dropbox-oauth2, so it will not find it an thus throw the error.

As you can't use a "-" as key value this way, you have to rebuild the object slightly to this:

 var passportObj = {passport:{}};

 passportObj.passport['dropbox-oauth2'] =  {
            name: 'dropbox-oauth2',
            protocol: 'oauth2',
            strategy: require('passport-dropbox-oauth2').Strategy,
            options: {
                clientID: 'xxx',
                clientSecret: 'xxx',
                callbackURL: '/auth/dropbox-oauth2/callback'
            }
 };

_.merge(exports, passport);

This solves the first issue. Maybe introducing a new value like passport-name in the object would be a cleaner way to do this?

After this I ran into the second issue: authenticating multiple times. Authenticating once goes smoothly, however authenticating twice throws the following error:

warn: Error (E_VALIDATION) :: 2 attributes are invalid
...
Invalid attributes sent to undefined:
 • username
   • A record with that `username` already exists (`email@example.com`).
 • email
   • A record with that `email` already exists (`email@example.com`).

It seems like sails-auth tries to create another user, while my user was already in the database. After some console.logging in sails-auth/api/services/passport.js I found out that provider was set to "dropbox", while in the database the provider is set to "dropbox-oauth2", so the passport is not found and a new passport is created, but the user already exists.

I currently fixed this quick and dirty by setting the provider to dropbox-oauth2 (hard in passport.js). I can imagine that some parts of sails-auth have to be rewritten in order to deal with passports that don't match the provider / have dashes in there name.

I hope this illustrates the problem with less common passports.

drouillard commented 9 years ago

I have had the same issues with multiple attempts to create same user with standard google sign-in for what it is worth.