As we just noted, the Notes application as currently deployed does not support Twitter-based logins. Any attempt will result in an error. Obviously we can’t deploy it like this.
The Twitter application we set up for Notes previously won’t work because the authentication URL that refers to our laptop is incorrect for the server. To get OAuth to work with Twitter, while deployed on this new server, go to developer.twitter.com/en/apps and reconfigure the application to use the IP address of your server.
That page is the dashboard of your applications that you’ve registered with Twitter. Click on the Details button, and you’ll see the details of the configuration. Click on the Edit button, and edit the list of Callback URLs like so:
Of course, you must substitute the IP address of your server. The URL shown here is correct if your Multipass instance was assigned an IP address of 192.168.64.9. This informs Twitter of a new correct callback URL that will be used. Likewise, if you have configured Notes to listen to port 80, the URL you point Twitter to must also use port 80. You must update this list for any callback URL you use in the future.
The next thing is to change the Notes application so as to use this new callback URL on the svc-notes server. In routes/users.mjs, the default value was http://localhost:3000 for use on our laptop. But we now need to use the IP address for the server. Fortunately, we thought ahead and the software has an environment variable for this purpose. In notes/package.json, add the following environment variable to the on-server script:
TWITTER_CALLBACK_HOST=http://192.168.64.9:3000
Use the actual IP address or domain name assigned to the server being used. In a real deployment, we’ll have a domain name to use here.
Additionally, to enable Twitter login support, it is required to supply Twitter authentication tokens in the environment variables:
TWITTER_CONSUMER_KEY=”… key” TWITTER_CONSUMER_SECRET=”… key”
This should not be added in package.json, but supplied via another means. We have not yet identified a suitable method, but we did identify that adding these variables to package.json means committing them to a source code repository, which might allow those values to leak to the public.
For now, the server can be started as follows:
ubuntu@svc-notes:/opt/notes$ TWITTER_CONSUMER_KEY=”… key”
TWITTER_CONSUMER_SECRET=”… key” npm run on-server
This is still a semi-manual process of starting the server and specifying the Twitter keys, but you’ll be able to log in using Twitter credentials. Keep in mind that we still need a solution for this that avoids committing these keys to a source repository.
The last thing for us to take care of is ensuring the two service processes restart when the respective servers restart. Right now, the services are running at the command line. If we ran multipass restart, the service instances will reboot and the service processes won’t be running.
In the next section, we’ll learn one way to configure a background process that reliably starts when a computer is booted.
Source: Herron David (2020), Node.js Web Development: Server-side web development made easy with Node 14 using practical examples, Packt Publishing.