/**
 * Registers a Facebook token strategy with Passport using the client id and
 * secret from `facebookConfig`. The verify callback takes the first e-mail
 * address from the Facebook profile and passes it to
 * `UserService.findOrCreateUser`.
 *
 * This excerpt is abridged: lines are missing between the `findOrCreateUser`
 * argument and the `.exec` call, and the function's closing brace is not shown.
 */
export default function setup(UserService, facebookConfig) {
passport.use(new FacebookTokenStrategy({
clientID: facebookConfig.clientID,
clientSecret: facebookConfig.clientSecret
}, (accessToken, refreshToken, profile, done) => {
// NOTE(review): profile.emails[0] is dereferenced before the guard below, so a
// profile with no `emails` array (or an empty one) throws a TypeError here
// instead of reaching the "Not found e-mail" path. A guarded read such as
// `profile.emails?.[0]?.value` would let the check below handle that case.
const mainPublicEmail = profile.emails[0].value;
if (!mainPublicEmail) {
// Sometimes Facebook returns a profile without an e-mail address:
// https://developers.facebook.com/bugs/298946933534016/?comment_id=620710881344692
// https://developers.facebook.com/docs/graph-api/reference/user
done(new Error('Facebook Auth: Not found e-mail in profile'));
return;
}
// NOTE(review): as far as this excerpt shows, the account is matched on the
// e-mail address. If this can attach a Facebook login to an existing account,
// the provider's stable profile id is the sturdier key - confirm against
// findOrCreateUser.
UserService.findOrCreateUser(
{
email: mainPublicEmail
.exec(function(err, user) {
if (err) {
// Lookup/creation failed: surface the error to Passport.
return done(err, false);
}
if (user) {
done(null, user);
} else {
// No error and no user: reported as a failed authentication, not an error.
done(null, false);
}
});
})
);
// Facebook token strategy: requests the profile fields listed below and looks
// the user up from the profile's raw JSON payload (`profile._json`).
// (Excerpt ends inside the findOne callback.)
passport.use(
new FacebookTokenStrategy(
{
clientID: config.facebook.clientID,
clientSecret: config.facebook.clientSecret,
profileFields: ['id', 'first_name', 'last_name', 'email', 'picture']
},
function(accessToken, refreshToken, profile, done) {
// Defer the lookup to the next tick of the event loop.
process.nextTick(function() {
profile = profile['_json'];
// NOTE(review): this writes the whole profile object (per profileFields above:
// id, names, e-mail, picture) to the info log. Consider logging only the id,
// or dropping this line outside of debugging.
logger.info('========profile=--=======', profile);
// Find the user in the database by the e-mail address in the profile
// (the query does not use the Facebook id).
// NOTE(review): profile.email can be absent when the account exposes no
// e-mail; how findOne treats `{ email: undefined }` depends on the data layer -
// verify it cannot match an unrelated record. Keying on profile.id avoids this.
User.findOne({ email: profile.email }, function(err, user) {
// if there is an error, stop everything and return that
// ie an error connecting to the database
if (err) return done(err);
// (Excerpt starts mid-call: this is the tail of an object argument whose
// opening lines are not shown.)
update: {
email,
name,
picture,
},
});
// Success: hand the resulting user to the callback.
done(null, user);
} catch (e) {
// Anything thrown inside the try block is forwarded as the error argument.
done(e);
}
},
),
);
// Facebook token strategy configured from environment variables. The verify
// callback upserts a user record keyed on the Facebook profile id with an
// `F-` prefix. (Excerpt ends inside the `create` object.)
passport.use(
new FacebookTokenStrategy(
{
// NOTE(review): nothing visible here checks that these two variables are set;
// confirm start-up fails loudly when either is missing.
clientID: process.env.FACEBOOK_APP_ID,
clientSecret: process.env.FACEBOOK_APP_SECRET,
},
async (accessToken, refreshToken, profile, done) => {
const {
id, displayName, emails, photos,
} = profile;
try {
const user = await prisma.upsertUser({
// The record is matched on the provider-prefixed profile id, not on the e-mail.
where: {
id: `F-${id}`,
},
create: {
id: `F-${id}`,
// NOTE(review): assumes profile.emails is a non-empty array. If it is missing,
// the TypeError is raised inside this try; the matching catch is outside the
// excerpt - confirm it reports the failure through done().
email: emails[0].value,
// (Excerpt starts mid-function: the definitions of `user`, `password` and
// `done` are not shown.)
// Check the supplied password against the stored credential.
const match = await user.validatePassword(password)
if (!match) {
// NOTE(review): `false` is passed in the first position. If `done` is a
// Passport verify callback, that position is the error slot and the
// conventional failure signal is done(null, false) - confirm against the
// enclosing definition.
return done(false)
}
// NOTE(review): the user object is also passed in the first position. With a
// Passport verify callback this would report a successful password check as
// an error; the conventional success call is done(null, user) - confirm.
done(user)
} catch (err) {
done(err)
}
} catch (err) {
return done(err)
}
}))
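// Registers the 'facebook-token' strategy. The verify callback performs no
// user lookup: it hands Passport an object carrying the Facebook profile and
// the raw access token.
passport.use('facebook-token', new FacebookTokenStrategy(config.facebook, async (accessToken, refreshToken, profile, done) => {
  if (!accessToken || !profile.id) {
    // Report the failure as an Error with a descriptive message, so error
    // handlers get a message and a stack trace instead of an opaque string.
    // NOTE(review): Passport's convention for a rejected login is
    // done(null, false); confirm whether this case should be an error at all.
    return done(new Error('Facebook token auth: missing access token or profile id'), null)
  }
  // NOTE(review): the access token becomes part of the authenticated user
  // object. If that object is serialized into a session or written to logs,
  // the token goes with it - confirm it is needed downstream.
  return done(null, { profile, facebook_token: accessToken })
}))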
// (Excerpt starts mid-function: the matching `try` and the origin of `user`
// are not shown.)
// Success: pass the user to the callback with no error.
return done(null, user);
} catch (err) {
// Anything thrown inside the try block is forwarded as the error argument.
done(err);
}
}
)
);
/**
* @FacebookTokenStrategy : The Facebook authentication strategy authenticates users using a Facebook
* account and OAuth 2.0 tokens.
*/
passport.use(
'facebookToken',
new FacebookTokenStrategy(
{
clientID: process.env.FACEBOOK_APP_ID,
clientSecret: process.env.FACEBOOK_APP_SECRET
},
async (accessToken, refreshToken, profile, cb) => {
try {
const user = await User.findOne({ 'facebook.id': profile.id });
if (user) {
return cb(null, user);
}
const {
id,
displayName,
name: { givenName, familyName },
emails
} = profile;