Redirect user to the same page after auth

Hello, sorry guys I am new to the whole oauth thing. Can you point me to the right direction, I want user to be redirected to the same page after authenticating through twitch. Also I will list steps how I do it and maybe you can tell me if I am doing something wrong.
I am using node js on server side.
Steps:

  1. After clicking ‘log in’ button I redirect the user to the twitch login page with all the queries using document.location.href (not sure if that’s the right way to redirect)
  2. Then after they granted the access to me the will be redirected to my URI which is blahblah.com/auth/login, on the server I do GET request to get access token. And then I have a problem, I need to redirect the person the initial page, but I don’t know the page link. where do i get this information? should i put the page into twitch oauth state, and then read it in server?

Also I would like to keep the session running, I don’t save access token anywhere, so can I use cookies to see if user already loged in before, and just send to the client the name of the user based on sessionID?

I would recommend to use Passport or Satellizer (for AngularJS) for your authentication. If you decide to use Passport, you can use passport-twitch, it’s an unofficial Twitch strategy for Passport that I created a few years ago. I never tried Satellizer to be honest, but I heard really good things about it if you are using AngularJS.

Edit: Passport will let you redirect the user to a page using successRedirect and failureRedirect. You can keep the link that you want your user to be redirected to using connect-flash or express-session… This is pretty much up to you :wink:

1 Like

I can vouch for passport-twitch.

Another way to store the target URL besides flash storage and session cookies is to encode it in a JWT and send the JWT as OAuth2’s state parameter. The main advantage is that you don’t need any additional server storage until the user is actually authenticated and you can painlessly add more data if you need to.

thank you for your suggestion, btw when I am redirecting back to the original link, how can I let the client side know that the user successfully authenticated? I hope I made myself clear lol

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.