Passport OAuth2 strategy / Facebook strategy is losing user

I am trying to authorize a pre logged in user with a Facebook account. I want to store the auth token of Facebook to later post stuff using my CMS.

I am using Express/NodeJS and Passport JS.

My FacebookStrategy looks like this:

module.exports = new FacebookStrategy(
  {
    clientID,
    clientSecret,
    callbackURL: `${config.apiUrl}/v1/auth/connect/facebook/callback`, 
    passReqToCallback: true
  },
  async function(req, token, tokenSecret, profile, done) {
    console.log("SESSION?", req.session)
    console.log("THIS SHOULD BE SET!", req.user) // But is not!

    // Stuff is done.

    done(null, token, {savedConnectionForLaterUse});
  }
);

I also have two routes:

router.get('/connect/facebook',
  API_KEY_OR_JWT_AUTH_MIDDLEWARE,
  (req, res, next) => {
    // Save authInfo in session
    Object.assign(req.session, {account: req.authInfo.account._id, user: req.user._id})
    
    passport.authorize('facebookConnect', { 
      failureRedirect: `${frontUrl}/settings/connections`, 
      scope: facebookOAuthScopes, // This is an array of scopes I need 
    })(req, res, next)
  },
);

router.get('/connect/facebook/callback',
  passport.authorize('facebookConnect', {
    failureRedirect: `${apiUrl}/v1/auth/connect/facebook/failure`,
  }),
  (req, res) => {
    const { session: {connection} } = req;

    res.redirect(`${frontUrl}/settings/connections/edit/${connection}`);
  }
);

When I am running this on my local machine it works due to the fact that the session is there and in the session I can find my user for later use. As soon as I deploy this on a server (with Kubernetes) the session is gone.

The configuration of the express session looks like this:

app.use(
    expressSession({
        secret: config.security.secret,
        resave: true,
        saveUninitialized: true,
        cookie: {
            sameSite: 'none', // This was something I tried.. didn't help though
            secure: true,
        },
    })
)

Can anyone point me in the right direction? What am I doing wrong?

Thank you all for your help in advance. I am really at the end of my knowledge. The struggle is real! :D



Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow
