Help overcome this with some ideas:
1. disconnect the session in express - just remove the session middleware
2. when using Google Authentication, what actually happens is a redirect to the google login page and, if the login is successfully completed, redirects you back with the address you provided.
This actually means that after Google calls back your callback, you wonโt be able to execute res.send (token, user) - it just doesnโt work (can anyone understand why?). This way you can redirect to the client by doing res.redirect("/") . But the whole goal is to pass a token so that you can also do res.redirect("/?token=" + token) .
app.get( '/auth/google/callback', passport.authenticate('google', { //successRedirect: '/', failureRedirect: '/' , session: false }), function(req, res) { var token = AuthService.encode(req.user); res.redirect("/home?token=" + token); });
But how will the client get the custom object? Thus, you can also pass the user in the same way, but I did not like it (passing the entire user object to the parameter list ...). So I made the client use the token and retrieve the user.
function handleNewToken(token) { if (!token) return; localStorageService.set('token', token); // Fetch activeUser $http.get("/api/authenticate/" + token) .then(function (result) { setActiveUser(result.data); }); }
What does another http request mean - It makes me think that maybe I didn't get the correct token concept. Feel free to enlighten me.