How to use session variable req.user in passport-twitter strategy

Question

As I can use req.user to get the logged in user in any of route by passing in:

passport.authenticate("jwt", { session: false })

I want to allow the user to sign in with twitter other than local login, so I have a passport-twitter strategy in node.js API. How can I access locally logged in user with req.user?

module.exports = passport => {
  passport.use(
    new Strategy({
        consumerKey: "",
        consumerSecret: "",
        callbackURL: "http://localhost:3000"
      },
      function(token, tokenSecret, profile, cb) {
        Profile.findOne({
          user: req.user._id
        }).then(
          userdetail => {
            userdetail.twuser = profile._json.screen_name;
            userdetail.token = token;
            userdetail.tokenSecret = tokenSecret;

            userdetail.save().then();
            return cb(null, profile);
          }
        )
      }
    )
  );
};

Answer 1

First of all, i would check if there is already a user in your system with the given twitter profile id. Then i would check if there is a user with the same email address. That means, that the user already signed up with his email. If there is no user with the given email address or twitter id in your database, create a new one and assign the twitter id and email to this profile.

Dont forget to add the includeEmail options to the Strategy:

TwitterStrategy({
    consumerKey: "",
    consumerSecret: "",
    callbackURL: "http://localhost:3000"
    includeEmail: true, // <======= this
  }
)

The callback of the twitter oauth can look like that:

async (token, tokenSecret, profile, cb) => {
   const existingProfileWithTwitterId = await Profile.findOne({ twid: profile.id }
   if (existingProfileWithTwitterId) {
     return callback(null, profile)
   }

   const existingProfileWithEmail = await Profile.findOne({ email: profile.emails[0].value }
   if (existingProfileWithEmail) {
     existingProfileWithEmail.twid = profile.id
     // Add some more stuff from twitter profile if you want
     await existingProfileWithEmail.save()
     return callback(null, existingProfileWithEmail)
   }

   // Create a new Profile
   const profile = new Profile({
      twid: profile.id,
      // add some more properties
   })
   return callback(null, profile)
})

After that, you can access to user profile in the next middlewares with req.user.