2020-09-29

How do I redirect a user if they enter an invalid email using Passport OAuth2 (Swoop) and Node/Express?

I am implementing Swoop (https://swoopnow.com/) authentication in my project and checking the type of emails entered by the user.

Let's say for example, I only want a user to enter a gmail account and nothing else.

When a user enters the permitted email type (gmail), I successfully authenticate them and return user in Passport's done function.

But when a user enters a forbidden email type (yahoo, outlook, etc.), I return false in Passport's done function. That works fine; however, I would like to redirect the user to an error page and let them know that their email is forbidden.

In Swoop, only an unauthorized message is displayed on the screen.

UPDATE: Here is my working code (thank you Aviv Lo!)

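// Registers the 'swoop' OAuth2 strategy. The verify callback decodes the
// id_token returned by the token endpoint and accepts the login only when
// the email claim belongs to the allowed domain.
//
// NOTE(review): passport-oauth2 can send and check a `state` parameter
// (`state: true`, which needs session support). It is not enabled here;
// confirm whether the callback needs that CSRF protection.
passport.use('swoop', new OAuth2Strategy({
    authorizationURL: 'https://auth.swoop.email/oauth2/authorize',
    tokenURL: 'https://auth.swoop.email/oauth2/token',
    clientID: /* 'CLIENT_ID', */ 'swoop_fc8iff4kfmwffaz',
    // The client secret is read from the environment instead of being
    // committed to source (SWOOP_CLIENT_SECRET is a variable name chosen
    // here). A secret that was ever published with this listing should be
    // rotated with the provider.
    clientSecret: process.env.SWOOP_CLIENT_SECRET,
    callbackURL: 'http://localhost:3000/auth/swoop/callback'
  }, function(accessToken, refreshToken, params, profile, done) {
    const allowedEmailDomain = 'gmail.com';

    // NOTE(review): assuming jwtDecode comes from the jwt-decode package, it
    // only decodes the payload and does not verify signature, issuer,
    // audience or expiry. The token arrives straight from the token endpoint
    // here; verify it with a JWT library if it is ever accepted from
    // anywhere else.
    let user;
    try {
        user = jwtDecode(params.id_token);
    } catch (err) {
        // A missing or malformed id_token is an authentication error, not a crash.
        return done(err);
    }

    // A missing or non-string email claim is treated as "not allowed".
    const email = (user && typeof user.email === 'string') ? user.email : '';

    // Take everything after the LAST '@' so an address containing more than
    // one '@' cannot present the allowed domain as its second segment.
    // Domain names are case-insensitive, so compare in lower case.
    const atIndex = email.lastIndexOf('@');
    const userEmailDomain = atIndex > 0 ? email.slice(atIndex + 1).toLowerCase() : '';

    if (userEmailDomain === allowedEmailDomain) {
        return done(null, user);
    }

    // `false` tells Passport that authentication failed without raising an error.
    return done(null, false);
  }));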

/*****************
* Auth Routes
*****************/
// Login entry point: hands the request to the 'swoop' strategy, asking the
// provider for the 'email' scope only.
const swoopLoginOptions = { scope: ['email'] };
app.get('/auth/swoop', passport.authenticate('swoop', swoopLoginOptions));

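// OAuth2 callback: the provider redirects here after the user authenticates.
// A custom passport.authenticate callback is used so that a rejected login
// (the strategy called done(null, false)) can be redirected to an error page
// instead of getting Passport's default "Unauthorized" response.
app.get('/auth/swoop/callback', (req, res, next) => {
  passport.authenticate('swoop', { session: true }, (err, user) => {
    // Strategy or token-exchange failure: record it server-side, and show the
    // user only the generic error page.
    if (err) {
        console.error('Swoop authentication failed:', err.message || String(err));
        return res.redirect('/bad');
    }

    // No user object => the verify callback rejected the login.
    if (!user) { return res.redirect('/bad'); }

    // The decoded ID-token claims are deliberately not logged: they contain
    // the user's email address and other identity data.

    // Establish the login session for the accepted user.
    req.logIn(user, (loginErr) => {
        if (loginErr) {
            console.error('Swoop session login failed:', loginErr.message || String(loginErr));
            return res.redirect('/bad');
        }

        // Authenticated and session established.
        return res.redirect('/good');
    });
  })(req, res, next);
});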

// Ends the Passport login and sends the browser back to the home page.
// NOTE(review): Passport 0.6+ makes req.logout() asynchronous and requires a
// callback; confirm the installed version before relying on this form.
// NOTE(review): this state-changing action is reachable with a plain GET, so
// any third-party page can trigger it; a POST with a CSRF token is the usual
// hardening.
app.get('/logout', function handleLogout(req, res) {
  req.logout();
  return res.redirect('/');
});

/*****************
* Routes
*****************/
// Home page: static markup with links to the login and logout routes.
app.get('/', function showHome(req, res) {
  // The fragments reproduce the original line-continued string exactly,
  // including the spaces that came from the continuation lines.
  const homePage = [
    'Hello Swoop! ',
    '  <div><a href="/auth/swoop">Login</a></div> ',
    '  <div><a href="/logout">Logout</a></div>',
  ].join('');
  res.send(homePage);
});

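// Protected page: only rendered when Passport has populated req.user;
// anonymous visitors are sent back to the home page.
app.get('/good', (req, res) => {
  if (!req.user) {
    return res.redirect('/');
  }

  // res.send() with a string is served as HTML, so the email claim is
  // escaped before it is placed in the response body.
  const htmlEscapes = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  const safeEmail = String(req.user.email).replace(/[&<>"']/g, (ch) => htmlEscapes[ch]);

  return res.send('This contains a secret. Welcome ' + safeEmail);
});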

// Error page for every failed login path in the callback route. The message
// is fixed, so provider or session errors are not disclosed to the browser.
app.get('/bad', function showRejected(req, res) {
  const message = 'Email not allowed.';
  res.send(message);
});

// Start the HTTP server on the configured port and announce it on stdout.
app.listen(port, function onListening() {
  console.log(`Swoop Demo listening on port ${port}!`);
});


from Recent Questions - Stack Overflow https://ift.tt/3jaE4zy
https://ift.tt/eA8V8J
