npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

fastify-auth0

v1.1.0

Published

Auth0 authentication for Fastify apps

Downloads

39

Readme

fastify-auth0

fastify-auth0 adds Auth0 authentication to Fastify-based apps. This plugin assumes that you know a bit about OAuth 2, and Auth0.

Example

npm install --save fastify-auth0
'use strict'

const fastify = require('fastify')()

const plugin = require('fastify-auth0')

fastify
  .register(require('fastify-cookie'))
  .register(require('fastify-caching'))
  .register(require('fastify-server-session'), {
    secretKey: 'some-secret-password-at-least-32-characters-long',
    sessionMaxAge: 1000 * 60 * 15, // 15 minutes
    cookie: {
      domain: 'localhost',
      path: '/',
      expires: 1000 * 60 * 15,
      sameSite: 'Lax' // important because of the nature of OAuth 2, with all the redirects
    }
  })
  .register(plugin, {
    domain: '',
    client_id: '',
    client_secret: '',
    // optional
    transformer: async function (credentials) {
      credentials.log_in_date = new Date()
      credentials.foo = 'bar'
      // credentials.id = await someFunctionThatLooksUpId(credentials)
      return credentials
    },
    // optional
    success: async function (credentials) {
      console.log(`${credentials.given_name} logged in at ${credentials.log_in_date}`)
    }
  })

fastify.get('/', async function (request, reply) {
  // the credentials returned from Auth0 will be available in routes as request.session.credentials
  return reply.send({credentials: request.session.credentials})
})

fastify.listen(3000)
  .then(function () {
    console.log('listening on %s', fastify.server.address().port)
  })
  .catch(function (err) {
    console.error(err.stack)
  })

Session, Cache, and Cookie

This plugin requires a session provider to be accessible via request.session. fastify-auth0 works well out-of-the-box with fastify-server-session, a simple configuration is shown above.

Usage and Options

fastify-auth0 is a very typical fastify plugin, in that it is registered in the following fashion:

fastify.register(require('fastify-auth0'), options)

Options

TL;DR

At minimum you need a domain, client_id, and client_secret. You'll get back, from Auth0 upon successful auth, the things requested in scope, all of that stuff will become request.session.credentials in routes. After successful auth with Auth0 you'll be redirected to handlerPath, which does important stuff, it's the "callback URL" referenced a lot in documentation, which you need to whitelist with Auth0 (which here is really just appUrl + handlerPath, this goes to Auth0 as the redirect_uri query string parameter during redirection to Auth0 for authentication).

options itself is a simple object that allows the following keys:

| Key | | Type/[default] | Notes | | --- | --- | --- | --- | | domain | required | string | This is your Auth0 domain, like example.auth0.com | | client_id | required | string | The id of your Auth0 client | | client_secret | required | string | Your client's secret | | scope | | string/"profile openid email" | The scope of information about a user that you'd like back from Auth0 upon successful authentication | | appUrl | | "http://localhost:3000" | appUrl and handlerPath are fairly important. Together they produce the redirect_uri query string parameter in the redirection to Auth0. This is very useful in situations where your application is clustered or behind a load balancer or something, where you wouldn't necessarily want Auth0 redirecting back to a particular node of the cluster, for example. | | handlerPath | | "/callback" | The path that Auth0 will redirect to once successfully authenticated with Auth0, see the note above about appUrl. | | success | | [async] function (credentials, request) | A function that should be called when a user is successfully authenticated, this is for your purposes and has no effect on the plugin. credentials is that which Auth0 returns. | | transformer | | [async] function (credentials, request) | Very similar to [async] function success(credentials, request), except that this function can affect stuff. In particular that which this function returns will become request.session.credentials in your routes. | | getSession | | async function (request) { return request.session } | fastify-auth0 needs to set and retrieve session data, this function specifies how the plugin gets the session. |