Examples and Documented Authorizations are No Longer Accurate
Zenkylo opened this issue · 3 comments
Not sure if this project it still maintained or not. The examples and documentation authorization no longer works. For those of you who've been attempting to use this strategy and receive a bad request response from Reddit be sure you're passing along a state
parameter to the strategy. Reddit's OAuth documentation (https://github.com/reddit-archive/reddit/wiki/oauth2) requires a state
parameter be passed. This is passed back to the callback to your URL to do with what you'd like. For that reason it can be an arbitrary string.
In practice your strategy can look like this
passport.use(new RedditStrategy({
clientID: REDDIT_CONSUMER_KEY,
clientSecret: REDDIT_CONSUMER_SECRET,
callbackURL: "http://127.0.0.1:3000/auth/reddit/callback",
state: "someState"
},
function(accessToken, refreshToken, profile, done) {
User.findOrCreate({ redditId: profile.id }, function (err, user) {
return done(err, user);
});
}
I'd suggest the docs and examples be updated as well as the state parameters required.
Just published a 1.1.0 version of the package. It now enables automatic state handling by default.
Mind though, I'd also converted the package to ES6 module. Regular require
won't quite cut it.
Closing the issue.
@Slotos If I need to use this strategy in commonjs, how might I do that?
@platform-kit Dynamic import can be used for that.
Do mind that import()
is asynchronous.