javascript - How to make Google stop logging user in automatically in PassportJS? -
i allowing users log in domain name. specific functionality works , not root of problem. problem users stuck in sort of negative feedback loop when attempt log in incorrect email address.
in reference picture above, user (in blank incognito page no information) starts @ step one. clicking login brings them step 2 , step 3. attempting log in email address ending incorrect domain brings them step 4. desired.
after step four, if log out of website, presented step one. desirable. code logging out follows.
app.get("/logout", function(req, res) { req.logout() req.session.destroy() res.clearcookie("connect.sid") res.redirect("/") })
what happens after click login again undesirable. instead of bringing them step 2 (desired, can log in again correct email address), brings them straight step four. if google remembering logged in last.
here code passport.js configuration file.
short question: how can signal google not this? or trigger browser allow them log in again? @ loss.
extra details: in oauth2.0 documentation google, mentions hd , realm, can restrict logins domain. not know how configure in passportjs configuration file.
i think want prompt user select account. similar situation previous question answered. way users choose account wish use, if have signed in before.
add parameter prompt=select_account
authorization request.
app.get( "/auth/google", passport.authenticate( "google", { scope : ["profile", "email"], prompt : "select_account" // added here } ) )
this cause account chooser shown, if user logged in 1 account. users able select accounts, or add new one.
also, if wish restrict access based on domain, , domain google apps work domain, correct way inspect hd
param in id token. how process id token, , extract hd
claim.
Comments
Post a Comment