const axios = require("axios");
const express = require("express");
const cors = require("cors");
const morgan = require("morgan");
const helmet = require("helmet");
require('dotenv').config();
let supertokens = require("supertokens-node");
let Session = require("supertokens-node/recipe/session");
let ThirdParty = require("supertokens-node/recipe/thirdparty");
const { join } = require("path");
// Runtime configuration; every value can be overridden from the environment.
// `||` (not `??`) is deliberate: an empty variable also falls back to the default.
const { PORT, REACT_APP_API_URL, REACT_APP_WEBSITE_URL } = process.env;

// Port the API listens on. PORT arrives as a string and is passed through as-is.
const port = PORT || 3001;

// Origin the SuperTokens SDK advertises as the API; defaults to this server.
const apiDomain = REACT_APP_API_URL || `http://localhost:${port}`;

// Origin of the frontend; also used as the CORS allow-origin further down.
const websiteDomain = REACT_APP_WEBSITE_URL || `http://localhost:3000`;
// Exchanges the access token issued by Osso for the user's profile at
// /oauth/me and maps it onto the shape SuperTokens expects from a provider.
async function fetchOssoProfile(accessTokenAPIResponse) {
  const { data } = await axios({
    method: "get",
    url: `${process.env.OSSO_BASE_URL}/oauth/me`,
    headers: {
      Authorization: `Bearer ${accessTokenAPIResponse.access_token}`,
    },
  });
  return {
    id: data.id,
    email: {
      id: data.email, // emailID
      // Asserted unconditionally: nothing in the Osso response is consulted for
      // a verification status — confirm that is acceptable for this deployment.
      isVerified: true,
    },
  };
}

// Custom third-party provider for Osso. `get` is invoked by SuperTokens with
// the redirect URI and the authorization code returned from Osso, and hands
// back the endpoints and parameters for the authorization-code flow.
const ossoProvider = {
  id: "osso",
  get: async (redirectURI, authCodeFromRequest) => {
    const ossoBaseUrl = process.env.OSSO_BASE_URL;
    const clientId = process.env.OSSO_CLIENT_ID;
    return {
      // Code-for-token exchange. The client secret is read from the server's
      // environment here and is never part of the browser-facing redirect.
      accessTokenAPI: {
        url: `${ossoBaseUrl}/oauth/token`,
        params: {
          client_id: clientId,
          client_secret: process.env.OSSO_CLIENT_SECRET,
          grant_type: "authorization_code",
          redirect_uri: redirectURI,
          code: authCodeFromRequest,
        },
      },
      // Where the browser is sent to start the flow.
      authorisationRedirect: {
        url: `${ossoBaseUrl}/oauth/authorize`,
        params: {
          client_id: clientId,
          response_type: "code",
        },
      },
      getProfileInfo: fetchOssoProfile,
    };
  },
};

supertokens.init({
  supertokens: {
    // try.supertokens.io is the hosted demo core; a real deployment points
    // this at its own core.
    connectionURI: "https://try.supertokens.io",
  },
  appInfo: {
    appName: "SuperTokens Demo App",
    apiDomain,
    websiteDomain,
  },
  recipeList: [
    ThirdParty.init({
      signInAndUpFeature: {
        providers: [ossoProvider],
      },
    }),
    Session.init(),
  ],
});
const app = express();

// Only the configured frontend origin may call the API with credentials; the
// SuperTokens SDK contributes the extra headers it needs on top of content-type.
const corsOptions = {
  origin: websiteDomain,
  allowedHeaders: ["content-type", ...supertokens.getAllCORSHeaders()],
  methods: ["GET", "PUT", "POST", "DELETE"],
  credentials: true,
};
app.use(cors(corsOptions));

// Per-request logging in morgan's "dev" format.
app.use(morgan("dev"));

// helmet's default security headers, with Content-Security-Policy switched
// off — the SPA served from ./build therefore ships without a CSP header.
app.use(helmet({ contentSecurityPolicy: false }));

// SuperTokens' own routes are mounted ahead of the application's routes.
app.use(supertokens.middleware());
// custom API that requires session verification
// Session.verifySession() gates the route, so by the time this handler runs
// req.session is the verified session; the response goes only to its owner.
const sendSessionInfo = async (req, res) => {
  const { session } = req;
  const sessionHandle = session.getHandle();
  const userId = session.getUserId();
  const jwtPayload = session.getJWTPayload();
  const sessionData = await session.getSessionData();
  res.send({ sessionHandle, userId, jwtPayload, sessionData });
};
app.get("/sessioninfo", Session.verifySession(), sendSessionInfo);
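// SuperTokens' error handler is placed after its middleware and the app's
// routes so recipe errors are turned into their proper responses before
// anything reaches the generic handler at the bottom.
app.use(supertokens.errorHandler());

// Built frontend assets, then an SPA fallback that hands every remaining
// path (any method) to index.html so client-side routing can take over.
app.use(express.static(join(__dirname, "build")));
app.use("/", (req, res) => {
  res.sendFile(join(__dirname, "build/index.html"));
});

// Last-resort error handler. Express recognises error middleware by its
// 4-parameter signature, so `next` stays even though it is rarely used.
// The error is logged server-side and the client receives a generic body:
// the previous `"Internal error: " + err.message` echoed internal details
// (paths, upstream responses, library messages) to the caller.
app.use((err, req, res, next) => {
  console.error(err);
  // Once headers are out the status can no longer be changed; delegate to
  // Express's default handler instead of writing into a half-sent response.
  if (res.headersSent) {
    return next(err);
  }
  res.status(500).send("Internal error");
});

app.listen(port, () => console.log(`API Server listening on port ${port}`));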