0

I would like to add another step to the OpenId authentication sequence defined in the everyauth openid module.

I am not sure if everyauth is designed for this. The author mentions that it is customizable but there are no examples and I am still a javascript newb.

For example, the OAuth module in everyauth defines its authentication callback steps like this:

.get('callbackPath',                                                                                                                                               
     'the callback path that the 3rd party OAuth provider redirects to after an OAuth authorization result - e.g., "/auth/facebook/callback"')                     
  .step('getCode')
    .description('retrieves a verifier code from the url query')                                                                                                   
    .accepts('req res')  
    .promises('code')                                                       
    .canBreakTo('authCallbackErrorSteps')
  .step('getAccessToken')
    .accepts('code')
    .promises('accessToken extra')                                                                                                                                 
  .step('fetchOAuthUser')
    .accepts('accessToken')                                                                                                                                        
    .promises('oauthUser')
  .step('getSession')
    .accepts('req')
    .promises('session')
  .step('findOrCreateUser')                                                                                                                                        
    .accepts('session accessToken extra oauthUser')                                                                                                                
    .promises('user')
  .step('compile')
    .accepts('accessToken extra oauthUser user')
    .promises('auth')
  .step('addToSession')
    .accepts('session auth')                                                                                                                                       
    .promises(null)
  .step('sendResponse')
    .accepts('res')
    .promises(null)

What should I do if I need an additional custom step in there? I would prefer to NOT change the everyauth module source code.

Community
  • 1
  • 1
Michael Bent
  • 1
  • 2

2 Answers2

4

It's quite some time this question was raised but no answer. I faced the same challenge just now and documenting my answer for benefit of other node noobs like me :)

I'm using Facebook authentication, and wanted to carry out some custom processing before response is sent to client after successful authentication. Instead of adding another step, I overrode the step 'sendResponse', added my custom logic, and then just delegated to the super 'sendResponse' implementation. Here is now my code looks like - 

everyauth
    .facebook
    .sendResponse(function(res) {
        console.log('##### sendResponse custom step called #####');
        // --> Your custom logic here
        this._super();
    });

You can override it for a specific module such as facebook as shown above, or it can be done at 'everymodule' level.

Hope this helps.

Omkar Patil
  • 61
  • 1
  • 2
  • 7
  • Looks like a good solution, I'm going to try this out on my project. We're also having a similar challenge. – spatical Apr 04 '12 at 18:27
0

Another option is the addToSession Step. It is available in facebook, linkedin, and password modules. I found sendResponse to not work for the password module. This simplifies things if your custom logic relies on a session variable.

Oliver
  • 421
  • 3
  • 6