passport-xsolla

Instructions on how to set up your Xsolla Account login client to use with this strategy can be found here.

Passport strategy for authenticating with Xsolla Account (babka) login client access tokens using the OAuth 2.0 API. This module lets you authenticate using Xsolla Account in your Node.js applications using the Passport framework.

Installation

npm install passport-xsolla

or

yarn add passport-xsolla

Usage

Configure Strategy

The Xsolla authentication strategy authenticates users using an Xsolla Account login client.

This strategy requres clientID, clientSecret, audience, and callbackURL. The strategy scope defaults to ['email', 'offline'].

JavaScript

const XsollaStrategy = require('passport-xsolla');

passport.use(new XsollaStrategy({
    clientID: XSOLLA_APP_ID,
    clientSecret: XSOLLA_APP_SECRET,
    audience: XSOLLA_AUDIENCE,
  }, function(accessToken, refreshToken, profile, done) {
    User.findOrCreate({xsollaId: profile.id}, function (error, user) {
      return done(error, user);
    });
  }
));

TypeScript

import { XsollaStrategy } from "passport-xsolla";

passport.use(new XsollaStrategy({
    clientID: XSOLLA_APP_ID,
    clientSecret: XSOLLA_APP_SECRET,
    audience: XSOLLA_AUDIENCE,
  }, function(accessToken, refreshToken, profile, done) {
    User.findOrCreate({xsollaId: profile.id}, function (error, user) {
      return done(error, user);
    });
  }
));

Authenticate Requests

Use passport.authenticate(), specifying xsolla as the strategy to authenticate requests.

app.post('/auth/xsolla/token',
  passport.authenticate('xsolla'),
  function (req, res) {
    // do something with req.user
    res.send(req.user? 200 : 401);
  }
);

Client Requests

Clients can send requests to routes that use the passport-xsolla strategy using query params. Clients must transmit the code parameter that is received after Xsolla Account login. Clients may also optionally transmit a state parameter.

GET /auth/xsolla/token?code=<TOKEN_HERE>&state=<STATE_HERE>