1.0.1 • Published 4 years ago

passport-auth-staq v1.0.1

Weekly downloads: 1
License: ISC
Repository: github
Last release: 4 years ago

passport-auth-staq

Passport strategy for authenticating with AuthStaq using the OAuth 2.0 protocol.

This module lets you authenticate using AuthStaq in your node applications. By plugging into Passport, AuthStaq authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.

Usage

Create an Application

Before using passport-auth-staq, you must register an application with AuthStaq. If you have not already done so, a new application can be created on the AuthStaq platform. Your application will be issued a client ID and client secret, which need to be provided to the strategy. You will also need to configure a redirect URI which matches the route in your application.

Setup

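const express = require('express')
const session = require('express-session')
const passport = require('passport')
const AuthStaqStrategy = require('passport-auth-staq')

const app = express()
// Public base URL of this application (example value)
const hostName = 'http://localhost:3000'

// passport.session() needs session middleware mounted before it.
// SESSION_SECRET is an assumed environment variable name; express-session refuses to start without a secret.
app.use(session({
  secret: process.env.SESSION_SECRET,
  resave: false,
  saveUninitialized: false,
  cookie: { httpOnly: true, sameSite: 'lax' }
}))

// Initialize passport middleware
app.use(passport.initialize())
app.use(passport.session())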

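// Set up AuthStaqStrategy
// clientID and clientSecret are placeholders: use the values issued for your application and keep the secret out of source control
passport.use(new AuthStaqStrategy({
    clientID: 'abc-123',
    clientSecret: 'super-secret',
    // Must match the callback route defined below and the redirect URI registered with AuthStaq
    callbackURL: `${hostName}/auth/staq/callback`
  }, function(accessToken, refreshToken, profile, cb) {
    return cb(null, profile)
  })
)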

// Save profile returned from authentication into session
passport.serializeUser((user, done) => {
  done(null, user)
})

// Load authenticated profile from session
passport.deserializeUser((user, done) => {
  done(null, user)
})


// Authentication route, will redirect to AuthStaq to handle authentication and redirect to configured callback once complete  
app.get('/auth/staq', passport.authenticate('auth-staq', {}))
// Callback route, will verify authentication and load the user profile.  The result is passed to serializeUser above.
app.get('/auth/staq/callback',
  passport.authenticate('auth-staq', { failureRedirect: '/auth/staq' }),
  function(req, res) {     
    res.redirect('/private/route')
  }
)

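// Bonus, ensure users are signed in before accessing private endpoints
function requireUser(req, res, next) {
  // req.session.passport is undefined until a login has completed, so use Passport's own check
  if (!req.isAuthenticated()) {
    return res.redirect('/auth/staq')
  }
  return next()
}

app.get('/private/route', requireUser, (req, res) => {
  // req.user is the profile loaded by deserializeUser; send it as plain text so markup in a name is not rendered as HTML
  return res.type('text/plain').send(`Welcome ${req.user.firstName}`)
})

// Start the server (example port)
app.listen(3000)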

Profile

The AuthStaq profile returned from this strategy has these properties:

  • id: The AuthStaq user id
  • email: The email address the user used to register with your application
  • firstName: The user's first name
  • lastName: The user's last name
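
The Setup code passes the profile straight through the verify callback and stores the whole object in the session. The following added example (not code from passport-auth-staq) validates the documented profile fields and keeps only the id in the session; the in-memory `users` map and the 256-character limit are assumptions standing in for a real user store and real validation rules.

```javascript
// Hypothetical in-memory user store keyed by AuthStaq user id (replace with a database).
const users = new Map()

// Assumed validation rule: a non-empty string of at most 256 characters.
const isNonEmptyString = (v) => typeof v === 'string' && v.length > 0 && v.length <= 256

// Verify callback: accept only profiles carrying the documented fields and
// copy just those fields, so unexpected properties never reach the app.
function verify(accessToken, refreshToken, profile, cb) {
  const id = profile && profile.id != null ? String(profile.id) : ''
  if (!isNonEmptyString(id) || !isNonEmptyString(profile.email)) {
    return cb(null, false) // Passport treats `false` as an authentication failure
  }
  const user = {
    id,
    email: profile.email,
    firstName: isNonEmptyString(profile.firstName) ? profile.firstName : '',
    lastName: isNonEmptyString(profile.lastName) ? profile.lastName : ''
  }
  users.set(id, user)
  return cb(null, user)
}

// Keep only the id in the session rather than the full profile.
function serializeUser(user, done) {
  done(null, user.id)
}

// Re-load the user on every request; an unknown or removed id yields `false`,
// which makes Passport drop the login from the session.
function deserializeUser(id, done) {
  done(null, users.get(id) || false)
}

// Wiring, using the same calls as the Setup section:
//   passport.use(new AuthStaqStrategy({ /* options as in Setup */ }, verify))
//   passport.serializeUser(serializeUser)
//   passport.deserializeUser(deserializeUser)
```
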