Node Login to Passport-facebook in app on Facebook page

I am developing a web app in NodeJS and AngularJS, this is a Facebook PageTab app.

I am using Passport-facebook library for login .

My middleware:

passport.authenticate('facebook', {
        display: 'popup',
        scope: ['read_stream', 'publish_actions', 'email', 'user_photos']


The app works if I am outside of the facebook tab, but when I try to login to the facebook tab, I get the error:

[Error] Refused to display'Http....'in a frame because it set 'X-Frame-Options' to 'DENY'. (login, line 0)
[Error] SecurityError: DOM Exception 18: An attempt was made to break through the security policy of the user agent.


Since facebook permission dialog

cannot be launched from iFrame

What can I do to fix keeping the session control with Passport Strategy?


source to share

1 answer

In the end I did:

  • When the user is not logged in, res.redirect ("/ auth / facebook"); I did res.render ("authorize");
  • on the page authorize.html

    I = window.location + "auth/facebook";

  • a instead Passport.authenticate("facebook", { successRedirect: "/", failureRedirect: "/login" } )

    I did Passport.authenticate("facebook", { successRedirect: appHomePage, failureRedirect: appHomePage } )

    with the appHomePage

    facebook app's absolute url set (e.g.

Note that it is useful to use environment vars to hardcode the application home page in your application



All Articles