-1

Routes.js

app.get('/auth/google/redirect', passport.authenticate('google'), (req, res) => {
    console.log('req.user:', req.user)  //>>>>>Outputs {username: 'bob', id: '..and so on'...}
    res.redirect('/profile/test')
})

profileRoutes.js

   app.get('/profile/test', (req, res) => {
        res.send('This is the req.user: ' + req.user);
    })

Output: "This is the req.user: undefined"

Note that I succesfully was able to access the req.user in the routes.js before redirecting to /profile/test, why is the req.user variable from route.js not passed along to the /profile/test?

If I doesn't redirect, then and just send the req.user, it works as expected:

app.get('/auth/google/redirect', passport.authenticate('google'), (req, res) => {
        res.send(req.user)
    })

OutPut: {"_id":"5b8d42186cfd139c00c42c9","username":"Ryan Cameron","googleId":"11280041518849062335","__v":0}

I was following theNetNinja's tutorial on youtube, and it worked for him. So it's weird why the variable isn't being passed to the new redirected route for me but it does for him. Watch it work for him

Why is the req.user variable not passed to the redirected route?

I can pass the variable in a query string to the redirected route but that would not be secure. The guy in the video didn't do that, he had the same code as me above. But for some reason it doesn't work for me. Why?

Nimantha
  • 6,405
  • 6
  • 28
  • 69
Ryan Cameron
  • 371
  • 1
  • 4
  • 14
  • Possible duplicate of [How do I redirect in expressjs while passing some context?](https://stackoverflow.com/questions/19035373/how-do-i-redirect-in-expressjs-while-passing-some-context) – Michael Curry Sep 03 '18 at 16:49
  • Because you didn't set up authentication middleware for the second route. – SLaks Sep 03 '18 at 16:50
  • No michael already seen that. He is trying to pass a variable to a jade file. That won't work for me, I am trying to pass the variable along to the redirected route. – Ryan Cameron Sep 03 '18 at 16:50
  • @SLaks that shouldnt be necessary, all I want is to pass the variable along the to redirected route. – Ryan Cameron Sep 03 '18 at 16:51
  • A redirect results in a new request from the browser. That request doesn't share anything from the previous request. – SLaks Sep 03 '18 at 16:52
  • @SLaks it works for 'theNetNinja' in the video though. https://www.youtube.com/embed/5VHBy2PjxKs?start=139 and the repo code: https://github.com/iamshaunjp/oauth-playlist/blob/lesson-18/routes/auth-routes.js – Ryan Cameron Sep 03 '18 at 16:52
  • Have you tried `req.query.user`? – null Sep 03 '18 at 17:05
  • @null That doesn't work either. I can also confirm that there is no query string visible in the URI. As mentioned in the question I would also like to avoid passing it as a query string for security reasons. – Ryan Cameron Sep 03 '18 at 17:06
  • How you sending data from front end? – null Sep 03 '18 at 17:07
  • Try this `res.status(200).redirect('/profile/test?user=' + req.user)`. You can also use the `url.format()` like `res.redirect(url.format({ pathname:"/profile/test", query: { "user": req.user } }));` – null Sep 03 '18 at 17:09
  • @null That will work, **HOWEVER** it will be pased as a **query string** which I do **NOT** want for **security reasons**. (it is sentitive user data)* – Ryan Cameron Sep 03 '18 at 17:10
  • check updated comment above. – null Sep 03 '18 at 17:11
  • Possibly not working because of use of status with redirect – Henrique Viana Sep 03 '18 at 17:20
  • @RyanCameron my answer was what led you to figure out your problem – TheNastyOne Sep 04 '18 at 15:07
  • @TheNastyOne Nope, knew that already. I had followed each video in which he explained what that did. I can link to the video where he explained, what you so called "made me realise". if you dont believe me. – Ryan Cameron Sep 04 '18 at 17:06

1 Answers1

0

The repo you mentioned makes use of a passport session, which stores the user's id in a cookie and does a lookup on every subsequent request.

This is where the session is instantiated: https://github.com/iamshaunjp/oauth-playlist/blob/lesson-18/app.js#L23

This is where they store the userId of the authenticated user in the cookie: https://github.com/iamshaunjp/oauth-playlist/blob/lesson-18/config/passport-setup.js#L6-L8

This is where they do a database lookup on every request for the user object using the stored userId in the cookie: https://github.com/iamshaunjp/oauth-playlist/blob/lesson-18/config/passport-setup.js#L10-L14

EDIT The reason why the variable req.user is not present when you redirect in your app is because you don't have the code setup that instantiates req.user on every request (use the three links above to implement it).

TheNastyOne
  • 965
  • 11
  • 19