Dynamic redirect in the authorization callback in node express?

I’m following the okta node guide, and everything works perfectly. So seamless in fact, that I’m getting nervous that there has to be something I’m missing and the whole thing is going to fall over in production :laughing:

I’m building a svelte-kit app and using adapter-node. Everything is working great, just one thing

Right now, when a user tries to go to some page on my site, they get shuttled along to the login page and then dumped onto the homepage.

app.use(
	'/authorization-code/callback',
	passport.authenticate('oidc', { failureRedirect: '/error' }),
	(req, res) => {
		// Don't do this. It is bad UX.
		//res.redirect('/');

		// Instead, send the user back to wherever they were trying to go...
		res.redirect(pageUserWasGoingToThatTriggeredAuthFlow);
	}
);

Any idea how I can do this?

You can use state parameter to send some data during authorize call, which will be returned back to the callback url after authentication. You can send in a destination URL as state which will be returned to the callback url.

But ideally you might have to generate an opaque value and pair it with the destination url in a local store. Then send this opaque value as state and use it in callback url code to redirect user to destination URL

1 Like

Neat! That all sounds very promising. I’ll try and figure out where/how to set that state parameter… Thanks!