PassportJS - FacebookTokenStrategy devuelve 404

I am using PassportJS to handle FB authentication for both browser and mobile clients. For web users I am using the Passport FacebookStrategy and this is working as intended. I would also like to allow mobile clients to access my API. I am trying to use Passport FacebookTokenStrategy to facilitate this. This seems to be working with one small issue. When a mobile client makes a GET request to the server the FacebookTokenStrategy is used and the verify callback function is invoked. In the verify function I can see that the user profile is available and therefore the authentication has succeeded. However an HTTP status of 404 is sent back in the response to the mobile client. I'm not sure how to configure this properly. This is what I'm trying currently:

// Web based auth
passport.use(new FacebookStrategy({
  clientID: Config.facebook.clientID,
  clientSecret: Config.facebook.clientSecret,
  callbackURL: "http://localhost/auth/facebook/callback"
function(accessToken, refreshToken, profile, done) {
 User.findOrCreate(profile, function(err, user){
  done(err, user);

// Mobile client auth
passport.use(new FacebookTokenStrategy({
  clientID: Config.facebook.clientID,
  clientSecret: Config.facebook.clientID
function(accessToken, refreshToken, profile, done) {
  User.findOrCreate(profile, function(err, user){
    done(err, user);

// Redirect the user to Facebook for authentication.  When complete,
// Facebook will redirect the user back to the application at
//     /auth/facebook/callback
exports.fb_auth = passport.authenticate('facebook',{ scope: 'email' });
// Facebook will redirect the user to this URL after approval.  Finish the
// authentication process by attempting to obtain an access token.  If
// access was granted, the user will be logged in.  Otherwise,
// authentication has failed.
exports.fb_callback = passport.authenticate('facebook', { successRedirect: '/',
  failureRedirect: '/login' });
// Mobile Authentication
exports.mobile_fb_auth = passport.authenticate('facebook-token');

Should I be providing passport.authenticate('facebook-token'); with some additional 'onsuccess' callback? That makes sense in the context of a web client but I'm not sure how this should be handled using the facebook-token strategy.

preguntado el 27 de noviembre de 13 a las 05:11

Hi. Did you get the reason for the 404 issue. I face the same issue -

Hi, I have had similar issues. First of all I see that you use Config.facebook.clientID as both clientID and clientSecret. Typo maybe? Have you implemented the User.findOrCreate-method? Have you implemented passport.serializeUser and passport.deserializeUser after app.use(passport.initialize())? -

btw... I can recommend the editor Soportes if you havent tried it. It has a great debugger for node called Teseo. Strange that you get a 404 thou... Would make more sense if it was a 401 or 500... -

@jonasonline Hey did anyone resolve this? i too am having the same problem -

@ScootaP Well. I don't remember if I had exactly this problem but I have a working solution for authentication that I use. I wrote a small middleware to handle authentication and user management. I added the code involved (hope I got it all) to a esencia if you want to use any of it? The code is not updated for express 4 yet... -

1 Respuestas

I just had the same issue and was able to resolve it. The 404 is returned because of how middleware works in express. You need to pass in a third function that responds with a success.

The third function isn't called always. It's only called when the previous middleware succeeds.

    // authenticate with facebook-token.  

    // if the user didn't successfully authenticate with the above line, 
    // the below function won't be called
    function(req, res){


Respondido 17 Oct 15, 20:10

No es la respuesta que estás buscando? Examinar otras preguntas etiquetadas or haz tu propia pregunta.