hapi-auth-github
v2.1.2
Published
Quick & Simple GitHub Authentication for Hapi.js apps
Downloads
20
Maintainers
Readme
hapi-auth-github
makes it easy to
GitHub Authentication Plugin for Hapi.js Apps with detailed documentation.
Why?
We use GitHub for all our coding projects and are building a tool to keep track of all them: https://github.com/dwyl/tudo
Given that other people will have projects that need GitHub Authentication,
we have de-coupled our OAuth code into this re-useable Hapi Plugin.
If you have any questions or would like to contribute to this module, please get in touch:
What?
An easy-to-use Hapi.js plugin that gives you GitHub OAuth Authentication
in a few simple steps and has human-readable, maintained code.
Note: if you are new to Hapi check out: https://github.com/dwyl/learn-hapi
How?
If you're new to GitHub Authentication, and want to understand how it works, read the GitHub OAuth Web Application flow:
https://developer.github.com/v3/oauth/#web-application-flow
Or, if you just need to get up and running fast, follow these simple steps:
1. Install hapi-auth-github
from NPM
Install the plugin from npm and save it to your package.json
:
npm install hapi-auth-github --save
2. Create an App on GitHub
Follow the instructions in: GITHUB-APP-STEP-BY-STEP-GUIDE.md
3. Export the Required Environment Variables
Once you've created your app following the GitHub App Step-by-Step Guide
Export the Environment Variables:
BASE_URL=http://localhost:8000 # same as Authorized JavaScript Origin
GITHUB_CLIENT_ID=YourGitHubClientID
GITHUB_CLIENT_SECRET=SuperSecret
GITHUB_AUTH_REDIRECT_URL=/githubauth
PORT=8000
# Optionals
# (If you are using hapi-auth-jwt2)
JWT_SECRET=ItsNoSecretBecauseYouToldEverybody
# If you are using custom instance of GitHub
GITHUB_HOSTNAME=github.mycompany.com
GITHUB_API_HOSTNAME=api.github.mycompany.com
Notes on Environment Variables:
Tip: If you (or anyone on your team) are new to Environment Variables or need a refresher,
see: https://github.com/dwyl/learn-environment-variables
We named/exported the 5 variables prefixed with GITHUB_
to distinguish them from other services you may be using which
may also have an environment variable named CLIENT_ID
...
The BASE_URL
is required to know which url your app is using.
it needs to be identical to the Authorized JavaScript Origin
that you set in step 2 above.
The GITHUB_AUTH_REDIRECT_URL
is the url (endpoint) where GitHub will
send the initial OAuth2 code
to confirm your application is real.
Make sure that the url is identical to the one you defined when
setting up your app on GitHub. e.g: http://localhost:8000/githubauth
The GITHUB_HOSTNAME
and GITHUB_API_HOSTNAME
let's you define
other instance of GitHub e.g. enterprise. Defaults are github.com
and api.github.com
accordingly.
4. Create Your (Custom) Handler Function
This is where you decide what to do with the person's profile
details
once they have authorized your App to use their GitHub details.
Your custom handler should have the following signature:
function custom_handler(request, reply, tokens, profile) {
// save the profile as a session so you can personalize their experience of your app
// use the reply() to send a response/view to the visitor
}
The handler function parameters are:
- request is the hapi request object with all the properties.
- reply is the standard hapi reply object used to send your response to the client or send a rendered view.
- tokens are the OAuth2 tokens returned by GitHub for the session see: sample_auth_token.json
- profile is the person's GitHub profile see: sample_profile.json
For an example custom_handler, see: example/github_oauth_handler.js
5. Register the Plugin into your Hapi.js Server
The final step is to register the plugin into your Hapi.js Server declaring your desired options:
// declare your desired options for the plugin
var opts = {
handler: require('./github_oauth_handler.js'), // your handler
SCOPE: 'user' // ask for their public email address
};
server.register([{ register: require('hapi-auth-github'), options:opts }],
function (err) {
if(err){
// handle the error if the plugin failed to load:
}
// the rest of your app ...
});
options
explained
handler
- the handler you defined above in step 4 which is your custom logic for GitHub auth enabled app.SCOPE
- these are the permissions your app is requesting.
Implementation Notes:
To run the example you will need an extra environment variable:
BASE_URL=http://localhost:8000 # same as Authorized JavaScript Origin
GITHUB_CLIENT_ID=YourGitHubClientID
GITHUB_CLIENT_SECRET=SuperSecret
GITHUB_AUTH_REDIRECT_URL=/githubauth
PORT=8000
# Optionally (If you are using hapi-auth-jwt2)
JWT_SECRET=ItsNoSecretBecauseYouToldEverybody
Also, if you're wondering what that
JWT_SECRET
Environment Variables is for,
see: https://github.com/dwyl/learn-json-web-tokens
Background Reading
- Basics: https://developer.github.com/guides/basics-of-authentication
- Intro to OAuth2: https://www.digitalocean.com/community/tutorials/an-introduction-to-oauth-2
- GitHub OAuth Scopes: https://developer.github.com/v3/oauth/#scopes (what you should ask to access on a person' GitHub account)