mirror of
https://github.com/HabitRPG/habitica.git
synced 2025-12-16 06:07:21 +01:00
33 lines
1.7 KiB
JavaScript
33 lines
1.7 KiB
JavaScript
import passport from 'passport';
|
|
import nconf from 'nconf';
|
|
import { Strategy as FacebookStrategy } from 'passport-facebook';
|
|
import { Strategy as GoogleStrategy } from 'passport-google-oauth20';
|
|
|
|
// Passport session setup.
|
|
// To support persistent login sessions, Passport needs to be able to
|
|
// serialize users into and deserialize users out of the session. Typically,
|
|
// this will be as simple as storing the user ID when serializing, and finding
|
|
// the user by ID when deserializing. However, since this example does not
|
|
// have a database of user records, the complete Facebook profile is serialized
|
|
// and deserialized.
|
|
passport.serializeUser((user, done) => done(null, user));
|
|
passport.deserializeUser((obj, done) => done(null, obj));
|
|
|
|
// TODO remove?
|
|
// This auth strategy is no longer used. It's just kept around for auth.js#loginFacebook() (passport._strategies.facebook.userProfile)
|
|
// The proper fix would be to move to a general OAuth module simply to verify accessTokens
|
|
passport.use(new FacebookStrategy({
|
|
clientID: nconf.get('FACEBOOK_KEY'),
|
|
clientSecret: nconf.get('FACEBOOK_SECRET'),
|
|
profileFields: ['id', 'email', 'displayName'],
|
|
profileURL: 'https://graph.facebook.com/v2.8/me',
|
|
authorizationURL: 'https://www.facebook.com/v2.8/dialog/oauth',
|
|
tokenURL: 'https://graph.facebook.com/v2.8/oauth/access_token',
|
|
// callbackURL: nconf.get("BASE_URL") + "/auth/facebook/callback"
|
|
}, (accessToken, refreshToken, profile, done) => done(null, profile)));
|
|
|
|
passport.use(new GoogleStrategy({
|
|
clientID: nconf.get('GOOGLE_CLIENT_ID'),
|
|
clientSecret: nconf.get('GOOGLE_CLIENT_SECRET'),
|
|
}, (accessToken, refreshToken, profile, done) => done(null, profile)));
|