Sorry first time trying this, and I’ve been slaving at it for a couple hours now.
I used this website http://www.passportjs.org/packages/passport-twitch/
For the foundation of building it, it redirects, and I get access for the accounts that just got in if I go to to the (privacy settings on accounts I tested).
However, I’m stuck as to how to access the data from the users on my website? When I console.log
(req.session && req.session.passport && req.session.user)
Those different sections in the failed redirect, only the req.session contains any data. which is
cookie:
{ path: ‘/’,
_expires: null,
originalMaxAge: null,
httpOnly: true },
‘oauth2:id.twitch.tv’: { state: ‘*******’ } } //blurred out state as I’m unsure what this is
Am I approaching this the right way? I read over the developer notes, and none seem to take this approach. However, I’m not fully understanding the developer notes in terms of steps. (it recommends using get and the long URL, but I have no idea how to approach that situation), because wouldn’t the get be pointed to your localhost (’/’) and not the website?
Sorry if this is unclear, any help would be greatly appreciated.
Fairly sure that passport strategy is out of date for changes made to how Twitch Auth works, but I could be wrong, I don’t use it myself.
The docs cover how to perform authentication.
It doesn’t give an opinion on how to session manage or which language to use. (Passport Twitch provides an opinion)
Twitch Auth uses “standard” oAuth that you would find on many sites that authenticate via a third party
State normally acts as a nonce, a “single use” session token to prevent CSRF attacks.
As per this (after a google for “passportjs get user from session”)
The user is in res.user
Sure it’s one approach
A common misread of the Documentation/lack of understanding of oAuth
Step 1) Perform a GET redirect (not a POST redirect) to Twitch
Step 2) Check if a code is present in the question string after returning to your callback
Step 3) Perform a server to server POST request to exchange the code for an access token.
Finally I checked the default installed for passport-twitch is for an unmaintained version. A more up to date version is here
which itself hasn’t been updated since March last year
Okay, I managed to get this working, implementing a lot of what you said.
So I get the JSON object returned, and thats all fine and dandy. Is there a simple way with this strategy that I am able to implement a quick line of code to find out what their tier of subscriber status to my channel is and add that to the json object?