This is how it determines if the player should see the auth or index page. I’m thinking it has to do with Cloudflare because the site works fine when it is not set to proxied, and is set to DNS only on Cloudflare. Or, how the callback/code is affected when the site is proxied somehow.
//set route to start OAuth link, this is where you define scopes to request
app.get('/auth/twitch', passport.authenticate('twitch', { scope: 'user_read' }));
//set route for OAuth redirect
app.get('/auth/twitch/callback', passport.authenticate('twitch', { successRedirect: '/', failureRedirect: '/' }));
//detect authentication and serve game page
app.get('/', function (req, res) {
//successfully authenticated
if (req.session && req.session.passport && req.session.passport.user) {
res.sendFile('index.html', { root: 'client/html' });
}
//request authentication
else {
res.sendFile('auth.html', { root: 'client/html' });
};
});