Calling and Saving User Account Custom Data

2
votes

I'm making a user account system for my new website using node.sdk,stormpath,express.js and passport.js . So I've set up an account with a custom data slot. I would like to know how can I post new data to this custom data slot when they log out and retrieve it when they log in.I'm new to using node and I don't know where to put my code or how to access the 'user' account info when they have logged in. From what I can tell passport.js is handling authentication so I probably can't see the users email to search for their user account url on the stormpath api... maybe I'm missing something here??

router.post('/register', function(req, res) {

var username = req.body.username; var password = req.body.password;

// Grab user fields. if (!username || !password) { return res.render('register', { title: 'Register', error: 'Email and password required.' }); }

// Initialize our Stormpath client. var apiKey = new stormpath.ApiKey( process.env['STORMPATH_API_KEY_ID'], process.env['STORMPATH_API_KEY_SECRET'] ); var spClient = new stormpath.Client({ apiKey: apiKey });

var app = spClient.getApplication(process.env['STORMPATH_APP_HREF'], function(err, app) { if (err) throw err;

account = {

  givenName: 'John',
  surname: 'Smith',
  username: username,
  email: username,
  password: password,
  customData:{
    favList:'',
  },
};
app.createAccount(account, function (err, createdAccount) {

  if (err) {
    return res.render('register', {'title': 'Register', error: err.userMessage });
  } else {
    passport.authenticate('stormpath')(req, res, function () {
      return res.redirect('/home');
    });
  }
});
});

});

// Render the login page. router.get('/login', function(req, res) { res.render('login', { title: 'Login', error: req.flash('error')[0] }); });

// Authenticate a user. router.post( '/login', passport.authenticate( 'stormpath', { successRedirect: '/home', failureRedirect: '/login', failureFlash: 'Oops I guess you need an account to get in here..Soz', } ) );

// Render the dashboard page. router.get('/home', function (req, res) { if (!req.user || req.user.status !== 'ENABLED') { return res.redirect('/login'); }

res.render('home', { title: 'Home', user: req.user, } ); });

1
node.jsexpressstormpathpassport.js

1 Answers

5
votes

This is a great question. Thankfully the Passport API has you covered. You want to use a "Custom Callback" function, then you can get access to the user inside of that function. In the case of the Stormpath strategy the user object will be a Stormpath Account instance. However you will need to re-implement some of the redirection logic that you're currently passing in as options. Here is an example of how that would look with the Stormpath strategy:

app.post('/login', function(req, res, next) {
  passport.authenticate('stormpath', function(err, user, info) {
    if (err) {
      return next(err);
    }
    else if (user) {
      console.log('The account is: ', user);
      req.logIn(user, function(err) {
        if (err) {
          next(err);
        }else{
          res.redirect('/dashboard');
        }
      });
    }else{
      req.flash('error',info.message);
      res.redirect('/login');
    }
  })(req, res, next);
});

The docs for this custom strategy can be found here: http://passportjs.org/guide/authenticate/

Another note: I'd suggest creating your spClient outside of the route handler. The Stormpath Client can be used for multiple requests and only needs to be created once per process.