1

I'm setting up this Sails project where I use PassportJS, via sails-generate-auth, and JWTs - using this as a guide - to login. I'm trying to decouple the api from the Ember app as much as I can so I can use the same API for iOS, etc. Since passport uses callbacks to handle Facebook auth, how can I login via AJAX?

I'm able to successfully login to Facebook via passport js using an AJAX GET to /auth/facebook like so

var url = config.api + '/auth/facebook'
var controller = this;
Ember.$.get( url, function ( data ) {
  // This is never called because Facebook redirects
  localStorage.private_token = data.token;
  controller.transitionToRoute('profile', data.user);
});

but then when Facebook redirects, it goes back to the API, not the frontend app. But if I configure the backend to redirect to the front end app after the callback, I have a dependency on the front end app that I want to avoid. I've never done Facebook auth before but I've used API tokens for a while now.

Is there any way to do what I'm trying to do? Or should I just redirect to the front-end app from passport.callback?

Update

After a bit more searching, I came across this answer: passport.js RESTful auth

It seems that I cannot achieve what I want since Facebook only exposes a redirect-based authentication, not an async or JSON one. Good to know...mark as duplicate if you'd like.

Community
  • 1
  • 1
onetwopunch
  • 3,279
  • 2
  • 29
  • 44

1 Answers1

1

Your application must also implement a redirect URL, to which Facebook will redirect users after they have approved access for your application.

From Passport.js Facebook guide (Look at Configuration).

So you have to set your ember app state/url as redirect url e.g. http://localhost/#/welcome

Sabbir
  • 359
  • 2
  • 10
  • Sabbir, I do understand how the callback works and also that I can solve it by setting the redirect callback to my ember app. My issue with this is that it necessitates my API having knowledge of my front-end app, which I'd like to avoid if possible. Ideally I'd like a solution that allows me to authenticate with Facebook without the redirect so I can use the AJAX response. I'm not sure if this is possible as I'm still new with Facebook auth. – onetwopunch Apr 20 '15 at 16:38
  • You can set up a route that handles facebook redirect and sends back a json response if that you're looking for. In front-end you can always setup what to do with that response. – Sabbir Apr 20 '15 at 16:48
  • I already have a route that issues JSON but when Facebook redirects to that route, the controller would have to have knowledge of the front end app to redirect or render. This is what I'm trying to avoid if possible. – onetwopunch Apr 20 '15 at 16:53
  • Redirect or render based on what? – Sabbir Apr 20 '15 at 16:56
  • So my goal is to have nothing relating to the front-end app in the Sails API. My problem is that this is the redirect flow: 1. User clicks Login With FB in Ember app, 2. FB logs in user and redirects to Sails controller. 3. Sails controller must redirect back to front-end app, which implies that Sails knows about the front-end app. This is what I'm trying to avoid. – onetwopunch Apr 20 '15 at 17:02
  • 3. Sails controller doesn't redirects if request want's json & responds with json. In front you read the response code decide what to do next. Not sure if it's gonna work. – Sabbir Apr 20 '15 at 17:06
  • Ok so it seems that what I want cannot be achieved based on this question: http://stackoverflow.com/questions/14572600/passport-js-restful-auth?rq=1 I guess I'll have to authenticate differently for the native mobile apps sadly. And in response to you're latest comment, sails can in fact redirect in a controller even if JSON is desired. – onetwopunch Apr 20 '15 at 17:09