Instructor: 00:01 First of all, you need to create a new application. Go to the apps.twitter.com. I'm going to click on the create new app. You can select the name of the application. Let's say I'm going to name it to the Egghead Twitter Authentication Lesson.
00:25 You can also provide the website URL. I'm going to use localhost. Make sure, you must input ID localhost in this format, 127.0.0.1. The port should be 3000, because our application is using 3000 port. That is the most important point. You must need to specify the callback URL.
00:45 You can choose this callback URL. I'm going to use this one, localhost:3000/users/auth/twitter/callback. Finally, accept the agreement. I'm going to create a new application. Application has been created. Now, I can use this consumer key and consumer secret.
01:06 We need to install the passport-twitter library, npm i -s passport-twitter. Passport-twitter has installed. I'm going to create a new file in the middleware.it, passport-twitter.js. Now, need to configure that. First of all, we need to import passport from passport.
01:36 I also need to import passport-twitter, the passport Twitter strategy, or you can say the Twitter strategy. Now, need to create a new function. Let me export this function, configureTwitterStrategy. Strategy, we can do it in this way, configTwitterStrategy.
02:07 I'm going to use idle function here. You need to tell the passport, "I would like to use my Twitter strategy." You need to use this method, use. You need to create a new Twitter strategy, new TwitterStrategy.Strategy.
02:28 I'm going to create a new object from this class. You can also specify the options here. First, we need to specify the consumer key. What I'm going to do, I'm going to copy this consumer key. Let me paste it here.
02:43 I'm going to paste inside the development.js file. I'm going to create a new object, twitter. I'm going to name it to the consumer key. Let me paste it here. I also need a consumer secret. I'm going to copy the consumer secret. Let me paste it here.
03:03 One last thing, I also need a callback URL, localhost:3000/users/auth/twitter/callback. You can find the callback URL from here. If you go to the details, here is my callback URL. I'm going to copy this same callback URL here.
03:30 Now, we need to use this consumer key and consumer secret here. I can get the Twitter configuration by using the devConfig object, consumer key. I also need a consumer secret, devConfig.twitter.consumerSecret. I also need a callback URL, devConfig.twitter.callbackURL.
03:55 Passport will get the profile information in this function. I'm going to make it async [inaudible]. The first argument is token. It will get the token from Twitter, token secret, and third argument is profile. Finally, the last argument is done. It's a function.
04:14 I'm going to use try-catch here. If error comes, we need to call the done method with error. First of all, we need to find the user by ID. Basically, we need to find the user by Twitter ID. You can use user.findOne. I did not import the user model. Let me import that.
04:40 Now, I can use the findOne method, user.findOne. My condition should be twitter.id. We need to specify that I can get the ID from the profile object, profile.id. I did not create the object twitter inside the user model. Let me create that.
05:01 I'm going to open the user model, and let me create it here, twitter. I'm going to store the ID. The type of the ID is string. I also need to store the token. You can also store the display name, the type is string. You can also store the username, and the type is string.
05:24 If user exists in our database, then we need to call the done method with user. If there is no user, we need to create a new user. I'm going to create a new object from the user class or user model. Let me set the Twitter configuration for the new user. newUser.twitter.id should be profile.id.
05:50 I also need to set the username, newUser.twitter.username. I can get the username from the profile object, profile.username. I also need to set the token, newUser.twitter.token. I can get the token from here. I can use the same object token.
06:17 The last property is displayName. I can get the display name from the profile object. Finally, we need to save the user. I'm going to call the save method from the user object. We need to call the done method with newUser.
06:36 Now, we need to call this configured Twitter strategy in the app.js file. Here, I need to call this method, configure, configTwitterStrategy. This passport Twitter strategy uses express session. Now, we need to register this express session. Let me import it first.
07:03 I'm going to name it to the session from express session. I'm going to register it here. You can use the app.use method, session. You can also provide the options. Let me get the secret from the devConfig object.secret.
07:20 I can also set the resave property to true. I'm also going to use this property, saveUninitialized, to true. Now, we need to create some routes. Let me create a new route for Twitter strategy, userRouter.get.
07:33 We need to specify the path should be auth/twitter. We need to specify my strategy, passport.authenticate. The strategy name is twitter. We also need to specify the callback URL. Twitter server will call this callback method I have specified in the Twitter application.
07:57 The callback URL is 3000/user/auth. Let me create that, twitter/auth/twitter and /callback. I also need to authenticate this route by using the passport Twitter strategy. Strategy name is Twitter. You can also specify the failure redirect. Failure redirect to login.
08:27 You can specify the action here. Let's say I'm going to call userController.success. Auth success, let's create authSuccess. I need to create this method, authSuccess, in the user controller. Let me find the user controller.
08:46 AuthSuccess, it will take request and response. Here, what you can do, you can send the JWT token into the response, or you can navigate to the dashboard or home route. Let's say that's .redirect to home route.
09:05 We also need to create serialize or deserialize method. I got the error, what is drawn route, route.get requires a callback. Let me check that. Oops, it's authSuccess. I need to replace that. Now, it looks good. Let's try to test that.
09:22 I'm going to send request to localhost:3000/users/auth/twitter. Now, it is going to ask me, do you want to authorize this app? Yes. Now, it is going to redirect to my root route. Incredible, the home route. You can also say that return res.send, the request.user, current logged in user, or you can also log the message, request.isAuthenticated.