Fix authorization issues and refactor oauth2 token handling
- Rename handleOAuth2Callback to saveOAuth2UserTokens for clarity
- Fix token storage to properly handle missing expiration dates
- Consolidate OAuth2 token saving logic across all providers
- Prevent infinite redirect loop in isAuthorized when there is a failed token refresh
- Added unit tests for isAuthorized, saveOAuth2UserTokens in config/passport.js, and fixed unit tests for app.js
README.md (10 additions & 9 deletions)
@@ -72,7 +72,7 @@ I also tried to make it as **generic** and **reusable** as possible to cover mos
72
72
- Login
73
73
-**Local Authentication** using Email and Password
74
74
-**OAuth 2.0 Authentication:** Sign in with Google, Facebook, X (Twitter), Twitch, Github
75
-
-**OpenID Conenct:** Sign in with LinkedIn
75
+
-**OpenID Connect:** Sign in with LinkedIn
76
76
-**User Profile and Account Management**
77
77
- Gravatar
78
78
- Profile Details
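Review bot: The "Conenct" to "Connect" correction at line 75 is unrelated to the authorization fix and OAuth2 token refactor that the commit message describes, and the message does not mention any README changes. Moving the README spelling corrections into their own commit would keep the auth change small enough to review and backport on its own. If the README edits stay here, the unchanged line 74 still spells the provider "Github" rather than "GitHub".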
@@ -104,7 +104,7 @@ I also tried to make it as **generic** and **reusable** as possible to cover mos
104
104
- Hosted: No need to install, see the MongoDB Atlas section
105
105
106
106
-[Node.js 22.12+](http://nodejs.org)
107
-
- Highly recommanded: Use/Upgrade your NodeJS to the latest NodeJS 22 LTS version.
107
+
- Highly recommended: Use/Upgrade your NodeJS to the latest NodeJS 22 LTS version.
108
108
- Command Line Tools
109
109
- <imgsrc="https://upload.wikimedia.org/wikipedia/commons/1/1b/Apple_logo_grey.svg"height="17"> **Mac OS X:**[Xcode](https://itunes.apple.com/us/app/xcode/id497799835?mt=12) (or **OS X 10.9+**: `xcode-select --install`)
110
110
- <imgsrc="https://upload.wikimedia.org/wikipedia/commons/8/87/Windows_logo_-_2021.svg"height="17"> **Windows:**[Visual Studio Code](https://code.visualstudio.com) + [Windows Subsystem for Linux - Ubuntu](https://learn.microsoft.com/en-us/windows/wsl/install) OR [Visual Studio](https://www.visualstudio.com/products/visual-studio-community-vs)
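Review bot: The Node.js link on the unchanged line 106 still points to `http://nodejs.org`, and this is the page readers are sent to for downloading the runtime. Since the neighbouring line is being edited anyway, change the link to `https://nodejs.org` so the install instructions do not start from a plaintext URL.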
@@ -405,12 +405,12 @@ This project supports integrating web analytics tools such as Google Analytics 4
405
405
406
406
### Facebook Pixel
407
407
408
-
**Optional:** It is highly recommanded to setup a business with Facebook that your personal account along with others you authorize can manage. You would need to gGo to [Meta Business Suite](https://business.facebook.com/), register a business and add a business page and your website as an asset for the business.
408
+
**Optional:** It is highly recommanded to setup a business with Facebook that your personal account along with others you authorize can manage. You would need to Go to [Meta Business Suite](https://business.facebook.com/), register a business and add a business page and your website as an asset for the business.
409
409
410
410
- Go to [Meta Event Manager](https://www.facebook.com/events_manager)
411
411
- If you have setup a business, switch from your personal to your business account and pick your business asset using the drop down in the upper right corner of the page.
412
412
- Use the Connect Data option to add a Web data source and create a Pixel ID
413
-
- Copy and paste the Pixel ID into `.env` file for FACEBOOK_PIXEL_ID or set it up as an enviornment variable
413
+
- Copy and paste the Pixel ID into `.env` file for FACEBOOK_PIXEL_ID or set it up as an environment variable
414
414
415
415
## Open Graph
416
416
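Review bot: The replacement for line 408 is an incomplete fix: the added line still contains "recommanded" (corrected to "recommended" elsewhere in this same commit) and now reads "You would need to Go to" with a capital G mid-sentence. Suggest "It is highly recommended to set up a business ..." and "You would need to go to [Meta Business Suite]". The line 413 correction of "enviornment" looks right.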
@@ -431,6 +431,7 @@ The metadata for Open Graph is only set up for the home page (`home.pug`). Updat
@@ -620,7 +621,7 @@ See [Deployment](#deployment) for more information on how to set up an account a
620
621
621
622
### Why do you have all routes defined in app.js?
622
623
623
-
For the sake of simplicity. While there might be a better approach, such as passing `app` context to each controller as outlined in this [blog](http://timstermatic.github.io/blog/2013/08/17/a-simple-mvc-framework-with-node-and-express/), I find such a style to be confusing for beginners. It took me a long time to grasp the concept of `exports` and `module.exports`, let alone having a global `app` reference in other files. Tha to me is backward thinking.
624
+
For the sake of simplicity. While there might be a better approach, such as passing `app` context to each controller as outlined in this [blog](http://timstermatic.github.io/blog/2013/08/17/a-simple-mvc-framework-with-node-and-express/), I find such a style to be confusing for beginners. It took me a long time to grasp the concept of `exports` and `module.exports`, let alone having a global `app` reference in other files. That to me is backward thinking.
624
625
The `app.js` is the "heart of the app", it should be the one referencing models, routes, controllers, etc.
625
626
When working solo on small projects, I prefer to have everything inside `app.js` as is the case with [this](<(https://github.com/sahat/ember-sass-express-starter/blob/master/app.js)>) REST API server.
626
627
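Review bot: The link on the unchanged line 625/626 is malformed: `[this](<(https://github.com/sahat/ember-sass-express-starter/blob/master/app.js)>)` has a stray `<(` and `)>` around the URL, so the target will not resolve as written. It should be `[this](https://github.com/sahat/ember-sass-express-starter/blob/master/app.js)`. The blog link in the paragraph changed at line 624 is also plain `http://`; worth checking whether an `https://` form is available while this paragraph is being touched.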
@@ -1285,10 +1286,10 @@ Using a local instance on your laptop with ngrok is a good solution for your dem
1285
1286
| <img src="https://icon.icepanel.io/AWS/svg/Compute/App-Runner.svg" width="50"><br>**App Runner** | If your application is stable and you expect surges of traffic, you can move from direct EC2 deployment to AWS App Runner which can scale the number of hosts that the application runs on up and down depending on the traffic to your host. <br><br>**Setup Steps:**<br>1. ---.<br>2. ---.<br>3. ---.<br>4. ---.<br> |
1286
1287
| <img src="https://icon.icepanel.io/AWS/svg/Compute/Elastic-Beanstalk.svg" width="50"><br>**Elastic Beanstalk** | You can use an Elastic Beanstalk deployment instead of an EC2 deployment of your application. When using Elastic Beanstalk deployments you are just provided with a code execution environemnt and you are no longer required to maintain the OS for the server (i.e. Windows or Linux security patching, etc.) <br><br>**Setup Steps:**<br>1. ---.<br>2. ---.<br>3. ---.<br>4. ---.<br> |
1287
1288
| <img src="https://icon.icepanel.io/AWS/svg/Containers/Elastic-Container-Service.svg" width="50"><br>**Elastic Container Service** | ECS is the fully managed AWS container service that enables you to run docker containers on EC2 instances. <br><br>**Setup Steps:**<br>1. ---.<br>2. ---.<br>3. ---.<br>4. ---.<br> |
1288
-
| <img src="https://icon.icepanel.io/AWS/svg/Compute/Fargate.svg" width="50"><br>**Fargate** | Fargate takes your container deployment to the next level by moving you to a serverlsss setup for running containers. <br><br>**Setup Steps:**<br>1. ---.<br>2. ---.<br>3. ---.<br>4. ---.<br> |
1289
+
| <img src="https://icon.icepanel.io/AWS/svg/Compute/Fargate.svg" width="50"><br>**Fargate** | Fargate takes your container deployment to the next level by moving you to a serverless setup for running containers. <br><br>**Setup Steps:**<br>1. ---.<br>2. ---.<br>3. ---.<br>4. ---.<br> |
1289
1290
| <img src="https://icon.icepanel.io/AWS/svg/Compute/Bottlerocket.svg" width="50"><br>**Bedrock** | Bedrock provides serverless access to use Foundational LLM models such as Llama, Amazon Titan, Amazon Nova, etc. <br><br>**Setup Steps:**<br>1. ---.<br>2. ---.<br>3. ---.<br>4. ---.<br> |
1290
-
| <img src="https://icon.icepanel.io/AWS/svg/Networking-Content-Delivery/CloudFront.svg" width="50"><br>**CloudFront** | You can use AWS CloudFront as the edge service that fronts client requests. CloudFront can cache static content to reduce resource usage and speed up data delivery. It can also serve as an extra later of security because your application server isn't directly exposed to the internet trafic. <br><br>**Setup Steps:**<br>1.---.<br>2.---.<br>3.---.<br>4.---.<br>|
1291
-
|<img src="https://icon.icepanel.io/AWS/svg/Networking-Content-Delivery/CloudFront.svg" width="50"><br>**Simple Email Service**| You can use AWSSES just like an SMTPserver. Don't try to setup an email server on your EC2 instance to send out email, use SES. Note that SES stricktly enforces anti-spam rules, so don't send anything that a recipent may mark as spam as it will get reported back to AWS. If**1%**of your emails get reported as spam by recipients AWS will suspend your SESservice. Also you should setup mail setting such as spf, DMARC and DKIM so others can't spoof your email address causing your domain to get tagged as a spam domain, since it may cause automated spam marking of your emails by email service providers such as gmail, yahoo, etc.<br><br>**Setup Steps:**<br>1. ---.<br>2. ---.<br>3. ---.<br>4. ---.<br> |
1291
+
| <img src="https://icon.icepanel.io/AWS/svg/Networking-Content-Delivery/CloudFront.svg" width="50"><br>**CloudFront** | You can use AWS CloudFront as the edge service that fronts client requests. CloudFront can cache static content to reduce resource usage and speed up data delivery. It can also serve as an extra later of security because your application server isn't directly exposed to the internet traffic. <br><br>**Setup Steps:**<br>1.---.<br>2.---.<br>3.---.<br>4.---.<br>|
1292
+
|<img src="https://icon.icepanel.io/AWS/svg/Networking-Content-Delivery/CloudFront.svg" width="50"><br>**Simple Email Service**| You can use AWSSES just like an SMTPserver. Don't try to setup an email server on your EC2 instance to send out email, use SES. Note that SES strictly enforces anti-spam rules, so don't send anything that a recipent may mark as spam as it will get reported back to AWS. If**1%**of your emails get reported as spam by recipients AWS will suspend your SESservice. Also you should setup mail setting such as spf, DMARC and DKIM so others can't spoof your email address causing your domain to get tagged as a spam domain, since it may cause automated spam marking of your emails by email service providers such as gmail, yahoo, etc.<br><br>**Setup Steps:**<br>1. ---.<br>2. ---.<br>3. ---.<br>4. ---.<br> |
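Review bot: The two rows added at 1291 and 1292 still carry errors that this typo pass should pick up. The CloudFront row reads "an extra later of security" (should be "layer"), and the Simple Email Service row still has "AWSSES", "SMTPserver", "SESservice", "recipent" and `If**1%**of` with the spaces missing, plus "spf" in lower case next to "DMARC and DKIM". The Simple Email Service row also reuses the CloudFront icon URL, and the Bedrock row on the unchanged line 1290 uses the Bottlerocket icon. The unchanged Elastic Beanstalk row at 1287 has "environemnt" as well.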