app.get('/authUri', function(req,res) { /* Generate csrf Anti Forgery */ req.session.secret = csrf.secretSync(); var state = csrf.create(req.session.secret); /* Generate the AuthUrl */ var redirecturl = config.authorization_endpoint + '?client_id=' + config.clientId + '&redirect_uri=' + encodeURIComponent(config.redirectUri) + //Make sure this path matches entry in application dashboard '&scope='+ config.scopes.connect_to_quickbooks[0] + '&response_type=code' + '&state=' + state; res.send(redirecturl); });
session.secret = csrf.secretSync() return csrf.create(session.secret) return csrf.verify(session.secret, token)