Logging in programmatically from another application
-
any chance @julian or someone else who has done this would help push me the right direction.
I think I am doing everything right but there is no message whatsoever on nodebb's log to see if I am mistaken.
PS: I just noticed something that could be causing problems for me. What is the name required supposed to do. I noticed it is being used in strategies.push from my understanding of how this works: nodebb makes a call to my authorization end point and I check if the client is correct and grant it an access code, it then visits my token end point and exchanges this access code for a token. I take it to the user end point and hands it my users credentials to log in. I think I am wrong since it is not working.
// Register authorization code grant type server.grant(oauth2orize.grant.code(function(client, redirectUri, user, ares, callback) { // Create a new authorization code var code = new Code({ value: uid(16), clientId: client._id, redirectUri: redirectUri, userId: user._id }); // Save the auth code and check for errors code.save(function(err) { if (err) { return callback(err); } callback(null, code.value); }); })); // Exchange authorization codes for access tokens server.exchange(oauth2orize.exchange.code(function(client, code, redirectUri, callback) { console.log(client, code, redirectUri) Code.findOne({ value: code }, function (err, authCode) { if (err) { return callback(err); } console.log(authCode.clientId,client._id); if (authCode === undefined) { return callback(null, false); } if (client._id.toString() !== authCode.clientId) { return callback(null, false); } //if (redirectUri !== authCode.redirectUri) { return callback(null, false); } // Delete auth code now that it has been used authCode.remove(function (err) { if(err) { return callback(err); } // Create a new access token var token = new Token({ value: uid(256), clientId: authCode.clientId, userId: authCode.userId }); // Save the access token and check for errors token.save(function (err) { if (err) { return callback(err); } callback(null, token); }); }); }); })); setCodes = function(client, user, redirectUri, Code){ console.log('starting...') var code = new Code(); code.value = uid(16), code.clientId = client.id, code.userId = user._id code.save(function(error, success){ if(!success){ console.log(Code.find({}), 'I ran hered', code, error); } }); //console.log(code); //Code.find({}, function(error, success){if(success){console.log(success, "george")}}); } module.exports.authorization = [ server.authorization(function(clientId, redirectUri, callback) { Client.findOne({ id: clientId }, function (err, client) { if (err) { console.log("I ran herea");return callback(err); } return callback(null, client, redirectUri); }); }, function (client, user, redirectUri, done) { console.log(redirectUri); setCodes(client, user, redirectUri, Code); Code.find({ clientId: client.id, userId: user._id }, function (err, codes) { console.log(codes); if (err) { console.log("second"); return done(err); } if (codes.length > 0) { console.log("third") return done(null, true); } else { console.log('I ran here fourth'); return done(null,false); } }); }) ] // Application client token exchange endpoint module.exports.token = [ server.token(), server.errorHandler() ] module.exports.getNodebbUsers = function(req, res){ console.log(req.body.token); Token.find({value : req.body.token}, function(error, user){ userId = user[0].userId; if(!error){ User.find({_id : userId}, function(error, user){ console.log(userId); if(!error){ res.json({ username : user[0].userName, email : user[0].email, id : user[0]._id }) } else { console.log(error); } }) } }) }
btw this is my code above. I could do with some help seeing I have pushed myself to the limit.
Why does the callback uri have callback appended to its name and should this be an endpoint in my app?
I also intend posting my solutions once this starts working to save someone the wasted hours I spent reading, debugging and hacking my codes.
-
@jewa
name
is something unique, as the comment indicates. For example, if your site is "Example Widgets and Stuff", use something likeexample
.When the end user clicks on the link in the login/registration page, it should send them to
/auth/example
(ifexample
was the name, as above), which would redirect them to theauthorizationURL
as defined in your plugin.From there, it's up to your site to send them back with the proper token or code.
-
@julian I see. I thought all the user needed to do was to log in on my site and when he clicks on the forum link on my website there would be a handshake between my website and nodebb and then sign him on. I didn´t know he had to click on the log in/register link on nodebb.
I still have some questions though:
-
So I have to make a page and endpoint for /auth/example right? I believe oauth2orize would be responsible for the redirection.
-
I read your code and you always append callback if I am to make an endpoint or page it would never be executed because I would have /auth/example whilst the plugin would contain /auth/example/callback.
I think the process is a bit clearer to me right now. I have been programming javascript and node for about 3 months which is not much admittedly but this is hands down the most complicated thing I have come across as I don't have a full grasp of the whole process and it has very little to do with your programming skills imo and more to do with how much you understand libraries and all.
-
-
@jewa so I am getting there. I finally noticed a button- alternative registration/log in.
I clicked it and hurrah I got an error that should help at last:
https://www.dropbox.com/s/hm711i99iex4v1x/Screenshot 2017-02-13 21.57.07.png?dl=0
It still has to do with the call back uri. I really don't know what to do next since the url points to nodebb and not to me so I can't create an endpoint or something.
I am not so sure but I have a little idea of what my problem is but even at that I don't know how to solve it. I traced the error logs to an oauth2 file and it requests that the page returns between 200 and 299 status code but mine is returning 500. How can I return 200 when the link is not on my site. I am really getting confused.
-
@julian this is to hoping you'd help me complete this hurdle. As shown in the picture, I am getting the code but I don't know what to make of the error I am getting. I tried to deploy nodebb on Heroku since the error could possibly be because I am using local host but I ran into other issues with nodebb crashing on Heroku and that is like opening two battle fronts needlessly. I think I would proceed one step at a time.
Like I said, when I run my authorizationUrl on my browser, it gives an error 401 with the grant code. The resource I saw online said this was perfectly normal. If I copy the code and make a post request for my token on PostMan, it exchanges the code for a token and then I complete by posting to my user endpoint to get user details so I think the whole process is working and possibly I am just one correction away from saving you the stress of having to answer someone else trying to do this on node js because as I mentioned earlier, I will write down what worked for me and the resources I used.
-
@julian I have been patiently waiting for a response. However, I tried to install nodebb on heroku. It was a painful process but I came to my wits ends when I got to the launch page. It says congratulations your nodebb has been setup but won't get past that page. It returns a 404 error whilst making a get request for /admin.
Here are the logs
2017-02-16T04:21:11.458766+00:00 app[web.1]:
2017-02-16T04:21:11.458782+00:00 app[web.1]: Starting NodeBB
2017-02-16T04:21:11.458916+00:00 app[web.1]: "./nodebb stop" to stop the NodeBB server
2017-02-16T04:21:11.458977+00:00 app[web.1]: "./nodebb log" to view server output
2017-02-16T04:21:11.459020+00:00 app[web.1]: "./nodebb restart" to restart NodeBB
2017-02-16T04:21:11.464363+00:00 app[web.1]: (node:4) DeprecationWarning: Calling an asynchronous function without callback is deprecated.
2017-02-16T04:21:11.464621+00:00 app[web.1]: (node:4) DeprecationWarning: Calling an asynchronous function without callback is deprecated.
2017-02-16T04:21:11.466271+00:00 app[web.1]: TypeError: Cannot read property 'apply' of undefined
2017-02-16T04:21:11.466272+00:00 app[web.1]: at /app/node_modules/async/lib/async.js:760:22
2017-02-16T04:21:11.466273+00:00 app[web.1]: at /app/node_modules/async/lib/async.js:166:37
2017-02-16T04:21:11.466274+00:00 app[web.1]: at /app/node_modules/async/lib/async.js:718:13
2017-02-16T04:21:11.466274+00:00 app[web.1]: at async.forEachOf.async.eachOf (/app/node_modules/async/lib/async.js:233:13)
2017-02-16T04:21:11.466275+00:00 app[web.1]: at _parallel (/app/node_modules/async/lib/async.js:717:9)
2017-02-16T04:21:11.466276+00:00 app[web.1]: at Object.async.parallel (/app/node_modules/async/lib/async.js:731:9)
2017-02-16T04:21:11.466277+00:00 app[web.1]: at launch (/app/install/web.js:121:8)
2017-02-16T04:21:11.466277+00:00 app[web.1]: at Layer.handle [as handle_request] (/app/node_modules/express/lib/router/layer.js:95:5)
2017-02-16T04:21:11.466278+00:00 app[web.1]: at next (/app/node_modules/express/lib/router/route.js:131:13)
2017-02-16T04:21:11.466279+00:00 app[web.1]: at Route.dispatch (/app/node_modules/express/lib/router/route.js:112:3)
2017-02-16T04:21:11.996384+00:00 heroku[web.1]: Process exited with status 0
2017-02-16T04:21:12.007390+00:00 heroku[web.1]: State changed from up to crashed
2017-02-16T04:21:12.340823+00:00 heroku[router]: at=error code=H10 desc="App crashed" method=GET path="/admin" host=xxx.herokuapp.com request_id=eb7cf3c5-60db-47a6-ba5f-11685c6d62a2 fwd="88.8.42.95" dyno= connect= service= status=503 bytes= -
@jewa what Node version? Try Node 6 if you're on a newer version.
-
@jewa you shouldn't need to downgrade then. Any version of Node 6.x.x should work.
-
@julian I am on nodebb version 1.4.3 not sure if that is develop branch as I am not so good with git. Yes it is not related. I just wanted to isolate the cause of my failure to log in programmatically by hosting on Heroku and trying it from there.
I followed the steps here: https://community.nodebb.org/topic/9049/getting-nodebb-and-plugins-setup-with-heroku-and-mongodb
and then modified web.js line 34 inside the install folder to port = process.env.PORT || port; Otherwise, it would load at port 4567 which was always failing. I think I also added process.env.PORT to line 145 in loader.js but I don't think that changed anything much. It only started nodebb when I modified web.js
-
@julian I have ditched Heroku. Deployed the app on cloud9 and it is working fine. I then try to use my plugin and I still get the same error. Here is the error on nodebb
at OAuth2Strategy._createOAuthError (/home/ubuntu/workspace/node_modules/nodebb-plugin-sso-oauth/node_modules/passport-oauth/node_modules/passport-oauth2/lib/strategy.js:379:17) at /home/ubuntu/workspace/node_modules/nodebb-plugin-sso-oauth/node_modules/passport-oauth/node_modules/passport-oauth2/lib/strategy.js:166:45 at /home/ubuntu/workspace/node_modules/nodebb-plugin-sso-oauth/node_modules/passport-oauth/node_modules/passport-oauth2/node_modules/oauth/lib/oauth2.js:191:18 at passBackControl (/home/ubuntu/workspace/node_modules/nodebb-plugin-sso-oauth/node_modules/passport-oauth/node_modules/passport-oauth2/node_modules/oauth/lib/oauth2.js:132:9) at IncomingMessage.<anonymous> (/home/ubuntu/workspace/node_modules/nodebb-plugin-sso-oauth/node_modules/passport-oauth/node_modules/passport-oauth2/node_modules/oauth/lib/oauth2.js:157:7) at emitNone (events.js:72:20) at IncomingMessage.emit (events.js:166:7) at endReadableNT (_stream_readable.js:921:12) at nextTickCallbackWith2Args (node.js:442:9)
I am really frustrated I have searched the internet for help the only help I get is with respect to a possible typo or firewall. My authorization codes are being created in my database it is just at the exchange point that the failure happens.
It is a pretty awful user experience to log into the forum after logging into my web app.
Would definitely be using nodebb for a stand-alone forum but this is me giving up after a 4 day battle. I might as well have built a very simple forum for my website in those 4 days. Ugh!!!