@akoenig/sso
v1.2.2
Published
Opinionated wrapper around Passport.js. It supports logins via Facebook and local users.
Downloads
11
Readme
@akoenig/sso
Opinionated wrapper around Passport.js. It supports logins via Facebook and local users.
Installation
npm install --save @akoenig/sso
Usage
The following describes the configuration for performing a Facebook SSO
const app = express();
const restricted = sso(app, {
facebook: {
clientID: "<the-facebook-app-client-id>",
clientSecret: "<the-facebook-app-client-secret>",
callbackURL: "http://localhost:8080/auth/facebook/callback",
successRedirect: "/",
failureRedirect: "/login",
authenticated: async (profile) => {
// Insert or Update in database
}
}
});
This results in a new handler which can be accessed via GET /auth/facebook
. The user gets redirected to Facebook and has to perform the authentication process there. Afterwards the user will be send back to callbackUrl
by Facebook.
Local
The following describes the configuration for performing a local SSO (own users in a database):
const restricted = sso(app, {
local: {
verify: (username, password, callback) => {
const user = YOUR_DATABASE.findUserByUsername(username);
if (!user || user.password !== password) {
return callback(null, false);
}
callback(null, user);
},
successRedirect: "/",
failureRedirect: "/login",
},
});
This registers the following route handler: POST /auth/local
. You can perform a request against that route with the help of a form:
<form action="/auth/local" method="post">
<input type="text" name="username">
<input type="password" name="password">
<input type="submit" value="Login">
</form>
Each time the user submits that form, the provided verify
function gets executed. You have to verify the user within that function by gathering the user from your database. The parameters username
and password
are filled with the values from the form.