{ [FacebookTokenError: This authorization code has been used.]

Question

I have a sails app. I was trying to implement Facebook Login. When I click on the Login with facebook button i am getting this error:

error: A server error occurred in a request:

error: FacebookTokenError: This authorization code has been used.

Full error log looks like this:

error: A server error occurred in a request:
error: FacebookTokenError: This authorization code has been used.
at Strategy.parseErrorResponse (/home/node_modules/passport-facebook/lib/strategy.js:198:12)
at Strategy.OAuth2Strategy._createOAuthError (/home/node_modules/passport-facebook/node_modules/passport-oauth2/lib/strategy.js:341:16)
at /home/node_modules/passport-facebook/node_modules/passport-oauth2/lib/strategy.js:166:45
at /home/node_modules/passport-facebook/node_modules/passport-oauth2/node_modules/oauth/lib/oauth2.js:177:18
at passBackControl (/home/node_modules/passport-facebook/node_modules/passport-oauth2/node_modules/oauth/lib/oauth2.js:123:9)
at IncomingMessage.<anonymous> (/home/node_modules/passport-facebook/node_modules/passport-oauth2/node_modules/oauth/lib/oauth2.js:143:7)
at IncomingMessage.emit (events.js:117:20)
at _stream_readable.js:944:16
at process._tickDomainCallback (node.js:492:13) { [FacebookTokenError: This authorization code has been used.]
  name: 'FacebookTokenError',
  message: 'This authorization code has been used.',
  type: 'OAuthException',
  code: 100,
  subcode: undefined,
  status: 500 }

Middleware code looks like this:

var passport = require('passport')
, FacebookStrategy = require('passport-facebook').Strategy
, moment= require('moment')
, momentTimeZone=require('moment-timezone')
, inflection = require('inflection')
, markdown = require('markdown').markdown
, URL =require('url')
, LocalStrategy=require('passport-local').Strategy
, config= require('./local')
, device = require('express-device')


var createUser = function (token, tokenSecret, profile, done) {
process.nextTick(function () {
    User.findOne({
            or: [
                {uid: parseInt(profile.id)},
                {uid: profile.id}
            ]
        }
    ).exec(function (err, user) {
            if (user) {
                return done(null, user);
            } else {

                var data = {
                    provider: profile.provider,
                    uid: profile.id,
                    name: profile.displayName,
                    email: profile.email
                };

                if(profile.emails && profile.emails[0] && profile.emails[0].value) {
                    data.email = profile.emails[0].value;
                }
                if(profile.name && profile.name.givenName) {
                    data.firstname = profile.name.givenName;
                }
                if(profile.name && profile.name.familyName) {
                    data.lastname = profile.name.familyName;
                }
                User.create(data).exec(function (err, user) {
                    sails.log.info("Error",JSON.stringify(err))
                    return done(err, user);
                });
            }
        });
});
};
module.exports = {
 passport.use(new FacebookStrategy({
                clientID: config.facebook.clientID,
                clientSecret: config.facebook.clientSecret,
                callbackURL: config.facebook.callbackURL,
                profileFields: ['name', 'emails' ],
                enableProof: true
            },
         function  (accessToken, refreshToken, email, done)
        {
            //console.log("Auth done");
            //done(null, email);
            createUser
        }
            //createUser
        //}
        ))

         passport.serializeUser(function(user, done) {
            done(null, user);
      });
        passport.deserializeUser(function(obj, done) {
            done(null, obj);
});


        /*app.get("/auth/facebook", passport.authenticate("facebook",  { scope: ['email', 'public_profile'] }));*/
        app.get('/auth/facebook',
         passport.authenticate('facebook', { scope: ['email', 'public_profile'] }));

        app.get("/auth/facebook/callback",
            passport.authenticate("facebook", {
                successRedirect: "/",
                failureRedirect: "/login"
            }),
            function(req, res) {
               res.redirect('/');
            });
            app.get('/logout', function(req, res){
            req.logout();
            res.redirect('/');
            });
            function ensureAuthenticated(req, res, next) {
                if (req.isAuthenticated()) { return next(); }
                    res.redirect('/login')
                }

 app.use(passport.initialize());
        app.use(passport.session());
        app.use(device.capture());
        device.enableDeviceHelpers(app)
    }
}

};

Can anyone suggest why I am getting this error and any possible solution.

Answer 1

This error occurs when you logged using facebook login, after that delete the user record in your database. You must delete your APP in your facebook account and try again.

Answer 2

Another posibility is that you already are logged in, and your middleware is trying to login again. In your code, you are not checking if the user is already logged in before send the request to "auth/facebook. There is a simple way to prove this: Open a Chrome window in private mode, so no cookie is used, and try again your facebook login. Good Luck!