Search the Community

Hi everyone, have this nodejs backend which is calling the Steam api via passport-steam to log a user in. This is working and in this code I am getting the user back. app.get( //regex to validate auth/steam/ and auth/steam/return /^\/auth\/steam(\/return)?$/, passport.authenticate('steam', { failureRedirect: '/' }), (req, res) => { console.dir(req.user); res.redirect('/account'); } );So I have user as req.user in the callback after the Steam Login passes. My question is: What is the best (AND MOST SECURE!) way to pass this req.user to a route, which I will then call GET from the Frontend Framework so I can get this data to the Frontend? Furthermore, how does my Frontend communicate with my nodejs bot in a secure manner? (maybe this is a broad question but worht a try!) Right now I have this route set up: app.get('/account', (req, res) => { res.send({user: req.user}); });But user is null. Any help is appreciated!