npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

lb3-easy-passport

v1.0.0

Published

Incorporate Passport.JS into Loopback 3 for user authentication

Downloads

1

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

mpmorempmore

Keywords

Readme

Why does this exist?

The Loopback team created the loopback-component-passport in order to make the incorporation of Passport.JS easier. However, I found the implementation to be a huge pain. The Loopback team's documentation is a good start, but does not cover some of the current issues with implementation.

Backend Setup

  1. Follow the directions given by the Loopback team to set up Passport.JS.
    • Watch out: Provider set up must occur after app.boot code (can also be inside of the callback). They don't call this out in their example, but booting the app is necessary in order to set up the models correctly. Otherwise, you'll encounter errors when loopback-component-passport tries to configure itself.
  2. Passport.JS Setup: You need to add a bunch of Passport.JS specific stuff to the Loopback app setup. The following will help streamline this:

/server/server.js

// Import this module
let lbEasyPassport = require('lb3-easy-passport');
// Create an instance of PassportConfigurator with the app instance
// (If you havent already)
let PassportConfigurator = require(
    'loopback-component-passport'
).PassportConfigurator;
let passportConfigurator = new PassportConfigurator(app);
...
// We will need a session secret for Express cookie-parser
// (http://expressjs.com/en/resources/middleware/cookie-parser.html)
let sessionSecret = process.env.sessionSecret | 'myNewSecret';
// Before you boot the app, we need to begin the set up process
lbEasyPassport.beginPassportJSSetup(app, sessionSecret);
...
// After booting the app and setting up passportConfigurator,
// we need to add a line to finalize setup
boot(app, __dirname, function(err) {
    ...
    passportConfigurator.init(false);
    lbEasyPassport.finishPassportJSSetup(app);
    ...
};
  1. Fixing Cookies: I ended up having serious issues with the cookies that came in from third-party auth providers. Thus, I had to build a small boot script that intercepted the normal third-party authentication process and parse the cookies appropriately. If you run into this issue, you can add the following code to your server.js file:

/server/server.js

// Import this module
let lbEasyPassport = require('lb3-easy-passport');
...
boot(app, __dirname, function(err) {
    ...
    // Frontend base url
    let basePath = 'https://myfrontendurl.com/';
    // Redirect for successful authentication, should match providers.json
    let redirect = '/auth/success';
    // This sends users to basePath/accessToken/userID after
    // successful authentication
    app.use(lbEasyPassport.fixCookies(app, basePath, redirect));
    ...
});
  1. Getting Email: After third-party authentication, it wasn't clear how to get the user's email address from the social media login information and add it to the user model (which I used to send a new account confirmation email, or to correspond with users). The way I tackled this was by intercepting any 'patch' update to the user model that included a specific flag, get the email from the social media info, and add it to the user model object. You can incorporate this by adding the following code to your user model's JS file:

/server/models/[my-user-model].js

// Import this module in server.js
let lbEasyPassport = require('lb3-easy-passport');
// Need to import the app from /server/server.js
let app = require('../server.js');
...
module.exports = function(MyUserModel) {
...
MyUserModel.beforeRemote('prototype.patchAttributes', async function(
    ctx, modelInstance
) {
    // Determine whether this needs us to get the email from social login
    // (I just add a flag to the request)
    if (ctx.args.data.needsEmailFromSocialLogin) {
        // this needs the name of the 'identity' model created by
        // Loopback passport configurator, probably MyUserModelIdentity
        // in this example
        let nameOfIdentityModel = 'MyUserModelIdentity';
        // We also need the userId generated by third-party authentication,
        // typically sent as an access token in the request
        let userId = ctx.args.options.accessToken.userId;
        // Need to go get the email from social media info
        let userEmail = await lbEasyPassport.getEmailFromSocialLogin(
            app, nameOfIdentityModel, userId
        );
        // Then you can add the email to the object
        ctx.args.data.[emailField] = userEmail;
    }
    // Need the return to end async callback
    return;
});