The loopback-example-passport currently doesn't use Angular.
I have figured out how to use Angular with loopback-component-passport. I borrowed the good bits from loopback-example-passport and loopback-example-access-control. You won't need any other REST endpoints. You can simply continue to use the '/auth/facebook', '/auth/google', '/auth/twitter' links.
First, on your server side, set up '/auth/account' to simply return the json of the user+social profile.
var ensureLoggedIn = require('connect-ensure-login').ensureLoggedIn;
app.get('/auth/account', ensureLoggedIn('/'), function(req, res, next) {
res.send(req.user);
});
The above assumes single page app. So the login page is at '/'.
Upon successful social login, Loopback will return you a cookie "access_token". So the idea is to have Angular check for the cookie, retrieve the Loopback user id from '/auth/account', and set the AppAuth and LoopBackAuth structures as in loopback-example-access-control.
Modify your Angular controller like this:
angular.module('starter.controllers', ['starter.services'])
.controller('AppCtrl', function($scope, User, $location, AppAuth, $cookies) {
if (AppAuth.currentUser === null) {
if ($cookies.access_token) {
$scope.currentUser =
AppAuth.currentUser = { id: 'social' };
}
}
AppAuth.ensureHasCurrentUser(User);
$scope.currentUser = AppAuth.currentUser;
Then modify your ensureHasCurrentUser function like this:
angular.module('starter.services', ['lbServices'])
.factory('AppAuth', function() {
return {
currentUser: null,
ensureHasCurrentUser: function(User) {
if (this.currentUser) {
this.currentUser = User.getAccount(function() {
// success
}, function () {
console.log('User.getAccount() err', arguments);
});
} else {
console.log('Using cached current user.');
}
} else {
console.log('Fetching current user from the server.');
this.currentUser = User.getCurrent(function() {
// success
}, function(response) {
console.log('User.getCurrent() err', arguments);
});
}
}
};
});
Finally, modify your lb-services.js to add the User.getAccount method:
"getAccount": {
url: "/auth/account",
method: "GET",
interceptor: {
response: function(response) {
LoopBackAuth.accessTokenId = $cookies.access_token.substring(2, 66);
}
if (LoopBackAuth.currentUserId === null) {
delete $cookies["access_token"];
LoopBackAuth.accessTokenId = null;
}
LoopBackAuth.save();
return response.data;
}
}
},
The above should set up for Angular to continue using the access_token for subsequent Loopback REST API requests.
To logout properly, also modify the User.logout method in lb-services.js to delete the cookie:
"logout": {
url: urlBase + "/users/logout",
method: "POST",
interceptor: {
response: function(response) {
LoopBackAuth.currentUserId = null;
LoopBackAuth.accessTokenId = null;
LoopBackAuth.save();
delete $cookies["access_token"];
return response.resource;
}
}
},
Hope the above info helps someone.