justarandomdeveloper Posted February 13, 2018 Report Posted February 13, 2018 Hi everyone, have this nodejs backend which is calling the Steam api via passport-steam to log a user in. This is working and in this code I am getting the user back. app.get( //regex to validate auth/steam/ and auth/steam/return /^\/auth\/steam(\/return)?$/, passport.authenticate('steam', { failureRedirect: '/' }), (req, res) => { console.dir(req.user); res.redirect('/account'); } );So I have user as req.user in the callback after the Steam Login passes.My question is: What is the best (AND MOST SECURE!) way to pass this req.user to a route, which I will then call GET from the Frontend Framework so I can get this data to the Frontend? Furthermore, how does my Frontend communicate with my nodejs bot in a secure manner? (maybe this is a broad question but worht a try!)Right now I have this route set up: app.get('/account', (req, res) => { res.send({user: req.user}); });But user is null.Any help is appreciated! Quote
Dr. McKay Posted February 13, 2018 Report Posted February 13, 2018 You should set a cookie in the response to your user's authenticate request to track the user. It needs to contain some token that has data (e.g. the user's SteamID) associated with it on the server-side. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.