Local passport authorization on different ports

Question

I have a node.js application running on port 5000, where I use passport.js as authorization. I authorize users from a post request, where I use a custom callback:

this.router.post('/member/login', (req, res, next) => {
      passport.authenticate('local', (err, member, info) => {
        if (err) res.json(400).json({message: "An error ocurred"});
        if (!member) {
          console.log("No member found!");
          return res.status(409).json({message: "No member found!"})
        }
        req.logIn(member, (err) => {
          if (err) {
            console.log(err);
            return res.status(400).json({message: "An error ocurred"});
          }
          return res.json(member);
        });
      })(req, res, next);
    });

This works fine, but when I develop local I have a frontend Angular2 application, which runs on a different port (4200), so in my development I am not possible to get the authorized user: req.user is undefined. I use express-session to store the authorized user.

When I deploy I bundle both applications up together, so everything works.

Does anyone have a good and simple solution for this issue? Again it's only in development I have this problem.

Why aren't those things *running together* in your dev environment, too? — m02ph3u5, Jun 08 '16 at 22:15
I am using Angular 2 cli, and don't know if it's possible to use my own node as server, and how to set it up. — DNRN, Jun 09 '16 at 06:38

Rusinov Maksim · Accepted Answer · 2016-06-08T23:17:44.577

5

You can hide both services behind proxy, Nginx for example. And both your services will be use 1 address.

NGINX config example

server {
  listen 80;

  server_name example.com;

  proxy_set_header Host $http_host;
  proxy_pass_header Server;
  proxy_set_header X-Forwarded-For $remote_addr;
  proxy_set_header X-Forwarded-Proto $scheme;

  location / {
    proxy_pass http://frontend_address:port;
    proxy_redirect default;
  }

  location ~ /api {
    proxy_pass http://backend_address:port;
    proxy_redirect default;
  }
}

So all requests http://example.com will go to frontend service, and all requests http://example.com/api/ go to backend service.

edited Jun 08 '16 at 23:17

answered Jun 08 '16 at 21:57

Rusinov Maksim

229
2
4

A little example would boost the quality of your answer. – m02ph3u5 Jun 08 '16 at 22:11
This was indeed was I was looking for! Thank you! – DNRN Jun 09 '16 at 18:46

Ram Bharlia · Answer 2 · 2018-11-22T06:58:07.680

If your web app and API are running in different ports then for authentication using passport we can try this approach

onClick of socialAuth Button from web app (localhost:300) use window.open function to directly call the passport API (localhost:5000/auth/google)
once the authentication is done, the callback URL will hit API port again (localhost:5000/auth/google/callback)
now in the callback, we have user information which has to be sent to the web app (port 3000), use socket programming to achieve this.
refer this with example

score 0 · Answer 3 · edited May 23 '17 at 12:32

0

I believe you have a cross-domain issue, since you are running on different ports.

This issue has been discussed already, and I believe you can find a solution here: Passport js fails to maintain session in cross-domain

In short, you need to configure your server to send the approperiate headers to allow cross-domain sharing of the access headers.

edited May 23 '17 at 12:32

Community

1
1

answered Jun 09 '16 at 12:53

jornare

2,823
16
27

Local passport authorization on different ports

3 Answers3

Linked