@oxide/remix-auth-turnstile
v0.6.4
Published
Under development library for integrating turnstile authentication with Remix.
Downloads
176
Readme
@oxide/remix-auth-turnstile
Under development library for integrating turnstile authentication with Remix.
Installation
npm install --save @oxide/remix-auth-turnstile
Usage - Magic Link
auth.use(
new TurnstileMagicLinkStrategy(
{
// REQUIRED
// Full url to the turnstile API
host: TURNSTILE_HOST,
// Magic link client secret
clientSecret: MAGIC_LINK_SECRET,
// Path or url that the user should land on when clicking the magic link. This url must be
// registered as a valid redirect uri with the magic link client.
callbackPath: '/magic',
// Custom identifier when using mutliple Magic Link flows against a single server.
channel: 'login',
// Time in seconds that the magic link should be valid for.
linkExpirationTime: 60 * 10,
// OPTIONAL
// Session key to store a success indicator in
successMessageKey,
// The scopes to include for the requested access token
// @default ['user:info:r']
scope: [
'user:info:r',
'applicant:r',
'applicant:w',
'application:r',
'application:w',
'department:r',
'role:r',
'listing:r',
],
},
async (params) => {
const {
// The email that the user initiated the magic link flow via.
email,
// The user identifying info that was retrieved from the server during authentication.
user,
// The access token for the user.
token
} = params;
return {
id: user.info.id,
email,
token
}
},
),
)
Usage - OAuth
auth.use(
new TurnstileOAuthStrategy(
{
// REQUIRED
host: TURNSTILE_HOST,
clientID: OAUTH_CLIENT_ID,
clientSecret: OAUTH_CLIENT_SECRET,
// Full callback url that has been registered as a valid redirect uri with the oauth client
callbackURL: OAUTH_CLIENT_URL,
// The remote provider to use as the backing authentication
remoteProvider: 'google',
// OPTIONAL
// The scopes to include for the requested access token
// @default ['user:info:r']
scope: [
'user:info:r',
'applicant:r',
'applicant:w',
'application:r',
'application:w',
'department:r',
'role:r',
'listing:r',
],
},
async ({ accessToken, profile }) => {
return {
id: profile._raw.info.id,
email: profile.emails?.[0].value || '',
token: accessToken,
}
},
),
)