Passport-facebook auth success but no user in locals

1

Hi!
I’m working on the (legacy) voting app, and I have issue with facebook authentication. Local Strategy worked fine.
My problem:
everything goes well, user is authenticated if already in db and created if not, I have a successRedirect, but no user in locals, so no effective logged in user even if it should be logged in…
and do you know what ‘#=’ means after a url?
If anyone can help me that would be so nice! I’m stuck!
here is my code:
my routes:

router.get('/auth/facebook', passport.authenticate('facebook'));
router.get('/auth/facebook/callback', userController.facebook);

my controller:

exports.facebook = passport.authenticate('facebook', {
     failureRedirect: '/register',
     successRedirect: '/',
});

my passport.js

passport.use(new FacebookStrategy({
    clientID: process.env.FB_ID,
    clientSecret: process.env.FB_SECRET,
    callbackURL: `${process.env.APP_URL}${fbCb}`,
  },   
  function(accessToken, refreshToken, profile, done) {
    Auth.findOne({ 'facebook.id': profile.id }, (err, user) => {
        if(err) {
            console.log('error:' + err);
            done(err);
        }
        if (user)
            {
                console.log('user exists: ' + user)
                done(null, user);
            }
        else {
            const facebookUser = new Auth({
                'facebook.id': profile.id,
                'facebook.token': accessToken,
                'facebook.name': profile.displayName,
            }).save(((err) => {
                if(err ){
                    console.log('err: ' + err);
                    done(err);
                }
                done(null, facebookUser);
            }));
        }
    });
  }
));
passport.serializeUser((user, done) => {
    done(null, user._id);
});
passport.deserializeUser((id, done) => {
    Local.findById(id, (err, user) => {
        done(err, user);
    });
});

my app.js

const passport = require('passport');
const expressValidator = require('express-validator');
const routes = require('./routes/index');
require('./modules/passport');
(.....)
const app = express();

app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'pug');

app.use(express.static(path.join(__dirname, 'public')));

app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));

app.use(expressValidator());

// impt! -> session
// allows us to store data on visitors from req to req
// keeps users logged in!!
app.use(session({
    secret: process.env.SECRET,
    resave: false,
    saveUninitialized: false,
    store: new MongoStore({ mongooseConnection: mongoose.connection }),
}));

// Configure passport middleware
app.use(passport.initialize());
app.use(passport.session());

// pass variables to templates and to requests!
app.use((req, res, next) => {
    res.locals.h = helper;
    res.locals.flashes = req.flash();
    res.locals.user = req.user || null;
    res.locals.currentPath = req.path;
    next();
});

app.use('/', routes);
(.....)

hope this is readable :slightly_smiling_face:
What do I do wrong?
Thanks to anyone who could help or try!:slightly_smiling_face:

2

ok! so this morning, while making breakfast, I walked through the process/flow of auth in my head and checked my deserialize…and the mistake is there, so obvious, but I had been spending so many times on this that I think I was enable to see it :smiley:
-> I decided to have 2 models, one for local auth, one for third parties auth and I only searched in one model in my deserialize :sob:

I’m kind of embarrassed!