How do I allow the user to try a different email address after a crash in NodeJS PassportJS?
I am currently checking if the user has a specific domain email address using the following code. Initially, when the google authentication window pops up, the user is not allowed to change their email if they are already signed in to Chrome. When I login to similar sites with Google Authentication, I seem to be reminded that I am allowed to add an email address or something.
So say the user is trying to login with the email address notlsmsa.edu and it doesn't work. A nasty error is currently displayed. How can I make it so that the user can try to re-login with a different email address.
if ( profile.emails[0].value.indexOf("lsmsa.edu") > -1 ) {
var newUser = new User()
newUser.google.id = profile.id
newUser.google.token = token
newUser.google.name = profile.displayName
newUser.google.email = profile.emails[0].value
newUser.save(function(err) {
if (err) throw err
return done(null, newUser)
})
}
else {
done(new Error("Invalid Domain. Must use LSMSA email address."))
}
source to share
Check out the parameter hd
. It ensures that the user can only log in with the proper email.
EDIT: This is not an option to request. If you want to use it with passport-google-oauth
, edit your config like so:
passport.use(new GoogleStrategy({
returnURL: 'http://www.example.com/auth/google/return',
realm: 'http://www.example.com/',
// Add this
hd: 'example.com'
},
function(identifier, profile, done) {
// Blah Blah Blah, Blow up Pluto, Milk Cows, Eat Chocolate, Etc.
}
));
EDIT: If for some reason you have to login again instead of using hd
just destroy the session ( req.session.destroy();
) and then redirect them to your authentication url (i.e. /auth/google
). However, the use hd
will be much more pleasant for the user.
source to share