jed / authom Goto Github PK

A zero-dependency mutli-service authentication tool for node.js

License: MIT License

JavaScript 100.00%

authom's Introduction

authom

authom is an authentication library for node.js. It unifies authentication APIs for multiple services into a single EventEmitter, and works with both the built-in node.js HTTP module and as an Express/Connect app.

authom was designed to solve one problem and solve it well. It has an intuitive node.js-like API, no required dependencies, and doesn't force any particular persistence, session, or middleware approaches on you.

Example

For the built-in node.js HTTP module:

// Like socket.io, authom will intercept requests
// for you to help keep your routes clean.

var server = require("http").createServer()
  , authom = require("authom")

server.on("request", function() {
  // your usual server logic
})

// create servers for the services you'll be using
authom.createServer({ /* facebook credentials */ })
authom.createServer({ /* github credentials */ })
authom.createServer({ /* google credentials */ })
authom.createServer({ /* twitter credentials */ })
// ... et cetera

authom.on("auth", function(req, res, data) {
  // called when a user is authenticated on any service
})

authom.on("error", function(req, res, data) {
  // called when an error occurs during authentication
})

authom.listen(server)
server.listen(8000)

For Express/Connect:

var express = require("express")
  , app = express()
  , authom = require("authom")

// create servers for the services you'll be using
authom.createServer({ /* facebook credentials */ })
authom.createServer({ /* github credentials */ })
authom.createServer({ /* google credentials */ })
authom.createServer({ /* twitter credentials */ })
// ... et cetera

authom.on("auth", function(req, res, data) {
  // called when a user is authenticated on any service
})

authom.on("error", function(req, res, data) {
  // called when an error occurs during authentication
})

app.get("/auth/:service", authom.app)

app.listen(8000)

Supported services

37signals (by nodebiscut)

Bitbucket (by aslakhellesoy)

Dropbox (by cartuchogl)

Dwolla (by nodebiscut)

Facebook (by jed)

Fitbit (by pspeter3)

Foodspotting (by kimtaro)

Foursquare (by nodebiscut)

GitHub (by jed)

Google (by jed)

Gowalla (by jed)

Instagram (by jed)

LinkedIn (by shinecita)

Meetup (by softprops)

Reddit (by avidw)

SoundCloud (by jed)

Stripe Connect (by recipher)

Trello (by falexandrou)

Twitter (by jed)

Vkontakte (by molforp)

Windows Live (by jed)

Ninja Blocks (by thatguydan)

Installation and Setup

To install, enter:

$ npm install authom

To see the demo, enter:

$ npm start authom

And then head to http://authom.jedschmidt.com (which resolves to your local machine at 127.0.0.1). sudo is needed to bind to port 80, as many providers do not allow callback URLs with a port or localhost as the host.

FAQ

How can I add my own service?

See Extending authom below.

Why not just use everyauth/passport? How is authom different?

authom aims to solve a smaller problem, more agnostically. It trades convenience for simplicity and flexibility. Here are some key differences:

authom was built for node, and can also work with Express, while everyauth is tied to Express and Connect. everyauth aims for a much more ambitious integration, but at the expense of locking you into a particular stack. authom takes a more UNIX approach; since it doesn't handle logins, persistence, sessions, or anything past authentication, it is more of a tool and less of a framework.
authom uses native node.js conventions such as EventEmitters and objects, while everyauth uses promises and a chaining config API. This is of course subjective, but the authom API aims to be closer to the APIs of node.js itself.

API

authom.createServer(options, [function(req, res){}])

Creates an EventEmitter for the given authentication service. The service is specified by the service key of the options object, with all other keys differing based on the service. For example, github would be called like this:

var github = authom.createServer({
  service: "github",
  id: "7e38d12b740a339b2d31",
  secret: "116e41bd4cd160b7fae2fe8cc79c136a884928c3",
  scope: ["gist"]
})

An optional name member can also be passed to override that used for authom path matching. So if you had two GitHub apps, you could set them as name: github1 and name: github2, so that they could be accessed as /auth/github1 and /auth/github2.

You can listen for auth and error events by:

listening to a specific service for service-specific events, or
listening to authom for all service events

For example, use this to listen for events from GitHub, based on the code above:

github.on("auth", function(req, res, gitHubSpecificData){})
github.on("error", function(req, res, gitHubSpecificData){})

Or, use this to listen to events from all provders, since authom already listens and namespaces them for you:

authom.on("auth", function(req, res, data){})
authom.on("error", function(req, res, data){})

authom.on("auth", function(req, res, data){})

Listens for successful authentications across all services. The listener is called with the original request/response objects as well as a service-specific user object, which contains the following keys:

token: the token resulting from authentication
refresh_token: the refresh_token resulting from authentication, if implemented by auth service, otherwise undefined
id: the ID of the user on the remote service
data: the original data returned from the service, and
service: the name of the service, given so that you can branch your code:

authom.on("auth", function(req, res, data) {
  switch(data.service) {
    case "github": ...
    case "google": ...
    .
    .
    .
  }
})

authom.on("error", function(req, res, data){})

Listens for failed authentications across all services. Like the auth event, the listener is called with the original request/response objects as well as an error object, allowing you to provide your own session scheme.

authom.listen(server)

Listens to an existing HTTP(S) server for request events. Like socket.io's .listen method, authom will intercept any request whose path starts with /auth.

authom.listener

A standard node.js listener. This can be used for more control over the path at which authom is used. For example, the following two are equivalent:

// socket.io-style
var server = require("http").createServer()
  , authom = require("authom")

server.on("request", function() {
  /* your usual server logic */
})

authom.listen(server)
server.listen(8000)

// route-style
var server = require("http").createServer()
  , authom = require("authom")

server.on("request", function(req, res) {
  if (req.url.slice(5) == "/auth") authom.listener(req, res)

  else {
	/* your usual server logic */
  }
})

server.listen(8000)

authom.registerService(serviceName, Service)

Authom-compliant services can be registered using this method. This is useful for adding custom authentication services not suited to be part of the /lib core services. (For example a business-specific in-house authentication service.) Custom services will override existing services of the same name.

var authom = require("authom")
  , EventEmitter = require("events").EventEmitter

//Custom authentication service
var IpAuth = function(options) {
  var server = new EventEmitter
  var whiteList = options.whiteList || ["127.0.0.1", "::1"]

  server.on("request", function(req, res) {
    if (~whiteList.indexOf(req.connection.remoteAddress)) {
      server.emit("auth", req, res, {status: "yay"})
    }
    else {
      server.emit("error", req, res, {status: "boo"})
    }
  })

  return server
}

authom.registerService("ip-auth", IpAuth)

auth.createServer({
  service: "ip-auth",
  whiteList : ["127.0.0.1", "::1", "192.168.0.1"]
})

authom.route

A regular expression that is run on the pathname of every request. authom will only run if this expression is matched. By default, it is /^\/auth\/([^\/]+)\/?$/.

authom.app

This is a convenience Express app, which should be mounted at a path containing a :service parameter.

Providers

37signals (create an app)

Options:

service: "37signals"
id: the application's Client ID
secret: the application's Client secret

Example:

var signals = authom.createServer({
  service: "37signals",
  id: "c2098292571a03070eb12746353997fb8d6f0e00",
  secret: "4cb7f46fa83f73ec99d37162b946522b9e7a4d5a"
})

Dropbox (create an app)

Options:

service: "dropbox"
id: the application's App key
secret: the application's App secret
info: specify true if you want to get the user info (a little slower - one extra request)

Example:

var dropbox = authom.createServer({
  service: "dropbox",
  id: "zuuteb2w7i82mdg",
  secret: "rj503lgqodxzvbp"
  info: true
})

Dwolla Live (create an app)

Options:

service: "dwolla"
id: the application's Client ID
secret: the application's Client secret
scope: the scope requested.

Example:

var dwolla = authom.createServer({
  service: "dwolla",
  id: "0vNUP/9/GSBXEv69nqKZVfhSZbw8XQdnDiatyXSTM7vW1WzAAU",
  secret: "KI2tdLiRZ813aclUxTgUVyDbxysoJQzPBjHTJ111nHMNdAVlcs",
  scope: "AccountInfoFull"
})

Facebook (create an app)

Options:

service: "facebook"
id: the application's App ID
secret: the application's App secret
scope (optional): the scopes requested by your application
fields (optional): the fields passed onto /users/me Example:

var facebook = authom.createServer({
  service: "facebook",
  id: "256546891060909",
  secret: "e002572fb07423fa66fc38c25c9f49ad",
  scope: [],
  fields: ["name", "picture"]
})

Fitbit (request api key)

Options:

service: "fitbit"
id: the application's Client ID
secret: the application's Client secret

Example:

var fitbit = authom.createServer({
  service: "fitbit",
  id: "45987d27b0e14780bb1a6f1769e679dd",
  secret: "3d403aaeb5b84bc49e98ef8b946a19d5"
})

Foodspotting (request api key)

Options:

service: "foodspotting"
id: the application's Client ID
secret: the application's Client secret

Example:

var foodspotting = authom.createServer({
  service: "foodspotting",
  id: "<api key>",
  secret: "<api secret>"
})

Foursquare (create an app)

Options:

service: "foursquare"
id: the application's CLIENT ID
secret: the application's CLIENT SECRET

Example:

var foursquare = authom.createServer({
  service: "foursquare",
  id: "0DPGLE430Y2LFUCOSFXB0ACG3GGD5DNHH5335FLT4US1QDAZ",
  secret: "WLNCAVFHCMQGVYOZTNOLPXW0XL2KN0DRD1APOA45SRGEZSGK"
})

GitHub (create an app)

Full Docs

Options:

service: "github"
id: the application's Client ID
secret: the application's Secret
redirect_uri (optional): Alternative redirect url.
scope (optional): the scopes requested by your application, as explained here.
state (optional): Unguessable random string.
url (optional): URL to github. Specify this to use with GitHub Enterprise.

Example:

var github = authom.createServer({
  service: "github",
  id: "7e38d12b740a339b2d31",
  secret: "116e41bd4cd160b7fae2fe8cc79c136a884928c3",
  scope: "gist"
})

Make sure that the callback URL used by your application has the same hostname and port as that specified for your application. If they are different, you will get redirect_uri_mismatch errors.

Bitbucket (Go to https://bitbucket.org/account/user/YOURACCOUNT/api to create an app)

Options:

service: "bitbucket"
id: the application's Key
secret: the application's Secret
emails: specify true if you want to get the user's emails (a little slower - one extra request)

Example:

var bitbucket = authom.createServer({
  service: "bitbucket",
  id: "Fs7WNJSqgUSL8zBAZD",
  secret: "yNTv52kS7DWSztpLgbLWKD2AaNxGq2mB",
  emails: true
})

Google (create an app)

Options:

service: "google"
id: the application's Client ID
secret: the application's Client secret
scope (optional): the scopes requested by your application

Example:

var google = authom.createServer({
  service: "google",
  id: "515913292583.apps.googleusercontent.com",
  secret: "UAjUGd_MD9Bkho-kazmJ5Icm",
  scope: ""
})

Gowalla (create an app)

Options:

service: "gowalla"
id: the application's API key
secret: the application's Secret key

Example:

var gowalla = authom.createServer({
  service: "gowalla",
  id: "b8514b75c2674916b77c9a913783b9c2",
  secret: "34f713fdd6b4488982328487f443bd6d"
})

Make sure that the callback URL used by your application is identical to that specified for your application. With the default settings, you'll need a redirect URI of http://<your-host>/auth/google.

Instagram (create an app)

Options:

service: "instagram"
id: the application's CLIENT ID
secret: the application's CLIENT SECRET
scope (optional): the scopes requested by your application

Example:

var instagram = authom.createServer({
  service: "instagram",
  id: "e55497d0ebc24289aba4e715f1ab7d2a",
  secret: "a0e7064bfda64e57a46dcdba48378776"
})

Reddit (create an app)

Options:

service: "reddit"
id: the application's CLIENT ID
secret: the application's CLIENT SECRET
state: Unguessable random string.
scope (optional): the scopes requested by your application

Example:

var reddit = authom.createServer({
  service: "reddit",
  id: "hG5c04ZOk0UngQ",
  secret: "mdJoGP4ayA9M7NdBiKxZUyewz7M",
  state: "unguessable-random-string",
  scope: "identity"
})

SoundCloud (create an app)

Options:

service: "soundcloud"
id: the application's Client ID
secret: the application's Client Secret

Example:

var soundcloud = authom.createServer({
  service: "soundcloud",
  id: "9e5e7b0a891b4a2b13aeae9e5b0c89bb",
  secret: "2f4df63c8ff10f466685c305e87eba6f"
})

Trello (create an app)

Options:

service: "trello"
id: the application's Consumer key
secret: the application's Consumer secret
app_name: the application's name
expiration: optional - when the token expires (examples: never, 30days, 1day). Default is 30days
scope: optional - by default the scope is set to read. Example: read,write

Example:

var trello = authom.createServer({
  service: "trello",
  id: "LwjCfHAugMghuYtHLS9Ugw",
  secret: "etam3XHqDSDPceyHti6tRQGoywiISY0vZWfzhQUxGL4",
  app_name: "Coolest app in the world",
  expiration: "never",
  scope: "read,write",
})

Twitter (create an app)

Options:

service: "twitter"
id: the application's Consumer key
secret: the application's Consumer secret

Example:

var twitter = authom.createServer({
  service: "twitter",
  id: "LwjCfHAugMghuYtHLS9Ugw",
  secret: "etam3XHqDSDPceyHti6tRQGoywiISY0vZWfzhQUxGL4"
})

Notes: Since Twitter is still (!) using the old OAuth1.0a protocol, it requires @ciaranj's node-oauth library to be installed.

Vkontakte (create an app)

Options:

service: "vkontakte"
id: the application's App ID
secret: the application's App secret
scope (optional): the scopes requested by your application
fields (optional): the fields passed onto /method/users.get

Example:

var vkontakte = authom.createServer({
  service: "vkontakte",
  id: "3793488",
  secret: "jZnIeU4nnQfqM5mfjkK0",
  scope: [],
  fields: ["screen_name", "sex", "photo"]
})

Windows Live (create an app)

Options:

service: "windowslive"
id: the application's Client ID
secret: the application's Client secret
scope: the scope requested.

Example:

var windowslive = authom.createServer({
  service: "windowslive",
  id: "000000004C06BA3A",
  secret: "2RsIhweMq6PxR8jc5CjTVoCqTvKZmctY",
  scope: "wl.basic"
})

LinkedIn (create an app)

Options:

service: "linkedin"
id: the application's Api key
secret: the application's Secret key
scopes: Optional. An array with the scopes, fe: ["r_fullprofile", "r_emailaddress"]. Default: r_fullprofile
fields: Optional. Comma separated (no spaces) String with the linkedIn fields to include in the query, fe: "first-name,last-name,picture-url,industry,summary,specialties,skills,projects,headline,site-standard-profile-request"
format: Optional. Format of the response, default "json".

Example:

var linkedin = authom.createServer({
  service: "linkedin",
  id: "AsjCfHAugMghuYtHLS9Xzy",
  secret: "arom3XHqDSDPceyHti6tRQGoywiISY0vZWfzhQUxXZ5"
})

Extending authom

To add an authentication service provider, add a javascript file for the service at the path /lib/services/<service-name>.js. This file should module.exports a constructor that returns an EventEmitter that listens for request events, and emits auth and error events to itself.

var EventEmitter = require("events").EventEmitter

module.exports = function(options) {
  var server = new EventEmitter

  server.on("request", function(req, res) {
    // respond to the request, redirecting the user as needed

    if (successful) {
      // pass an object containing the service's user data
      server.emit("auth", req, res, obj)
    }

    else {
      // pass an object containing an error message
      server.emit("error", req, res, obj)
    }
  })

  return server
}

To make sure that your code can recieve subsequent HTTP(S) calls from the service, use the inbound req.url as the callback URL, using the querystring to disambiguate different stages of the authentication process. See /lib/services/github.js for an example implementation.

Once you're done, and have written tests, make sure you open a pull request so that the rest of us can benefit!

License

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

authom's People

Contributors

Stargazers

Watchers

authom's Issues

in inner network environment, can set http proxy to submit http request

Why twitter service is missing

Is there a particular reason why Twitter is missing, I just realized that it wasnt on your list and wanted to know if there is a special reason or perhaps no one is asking for it :(

Thank you and great job, I love authom and might be using in couple projects soon.

Error in express.js example

When twitter emits an error like the following:

{ statusCode: 401,
data: '\n\n Invalid / expired Token\n /oauth/access_token\n\n' }

it triggers the following error:

Uncaught exception: TypeError: Object # has no method 'error'

cause of this:

authom.on('error', function(req, res, data) {
res.error("An error occurred: " + JSON.stringify(data))
});

cause the res object doesnt have the method "error".

How do I set the OAuth redirect URI to be https?

Great work! I like authom a lot and it is a breath of fresh air after working with passport.js.

OAuth redirect URI is expected to be HTTPS if the URL is not localhost.
Could you please provide an example how to set autom to listen to HTTPS redirects.

Pass state param to Github

From http://developer.github.com/v3/oauth/

state
Optional string - An unguessable random string. It is used to protect against cross-site request forgery attacks.

Redirect URI incorrect when used with Express

I'm using Authom like this:

app.use('/auth/:service', authom.app);

I'm trying to authentication with Google, which uses OAuth2. The redirect_uri passed to Google contains / instead of /auth/google.

I think the problem is in oauth2.js where req.url is used:

this.code.query.redirect_uri = url.format(req.url)

If I add these two lines above this, the problem is resolved:

  req.url.pathname = req.baseUrl;
  delete req.url.href;

Similar changes still need to be made later on for onCode.

In any case, I think that originalUrl needs to come into play here because /auth/google isn't in req.url. Is this the correct fix? I would submit a pull request, but since this is an as-documented usage of Authom, I wanted to make sure I wasn't doing anything wrong to begin with. Any insight is welcomed! Thanks.

Add state parameter functionality to access token request

Is it possible to incorporate setting the state parameter in the access token request? The scenario I am thinking of is when there is state related to the initial /auth request that is needed after the access token is granted. (ie. /auth/:service?rememberMeFlag=true). When the access token is requested, only the state parameter is allowed in the oauth spec for this purpose. Adding any other parameter directly to the url will cause an error with the called oauth service. Here is a reference article to help provide context. I am game for making the changes and sending a pull request but I would want a little guidance before I did this. Thanks.

http://stackoverflow.com/questions/7722062/google-oauth2-redirect-uri-with-several-parameters

Work on node 0.10.0

Hello,

Today, I try to run my app that use authom on node 0.10.0. With OAuth2 Services it fails. I review API changes on new version of node at this page https://github.com/joyent/node/wiki/Api-changes-between-v0.8-and-v0.10 , and I change the inheritance method used by the recomend on this page. I need to add more change for pass my custom tests. I try with twitter, facebook, foursquare, instagram and github with sucess, but not extensive. The changes are in cartuchogl@5d40580

Tomorrow I try to do more tests.

Get other data from Twitter

hello, I understood how to retrieve other data facebook, with the fields and the scope, but I do not see how to do it with twitter, you have a solution, or is it set up?

Multiple services not working

Hello,

I noticed that it's not possible to use more than one service with the library, despite using the name field. Example:

var app = require("express").createServer()
  , authom = require("authom")

var one = authom.createServer({
  name: "facebook-one",
  service: "facebook",
  id: "1",
  secret: "mylittlesecret",
  scope: [],
  fields: ["name", "picture"]
})

var two = authom.createServer({
  name: "facebook-two",
  service: "facebook",
  id: "2",
  secret: "mylittlesecret",
  scope: [],
  fields: ["name", "picture"]
})

console.log('one: ', one.code)
// { ... query: { client_id: '2', scope: '' } } <- I was expecting client_id: '1'
console.log('two: ', two.code)
// { ... query: { client_id: '2', scope: '' } }

app.get("/auth/:service", authom.app)
app.listen(8000)

In other words, the last service overwrite all the other services. I dug into the code and I figured out that you store instance variables on the prototype. Hence when one of those variables change, all the instances see the new change. Example:

function myClass(){}
myClass.prototype = {
    settings: {name: 'random'}
};

m1 = new myClass();
m2 = new myClass();

m1.settings.name // 'random'
m2.settings.name // 'random'
m1.settings.name = 'Daniele'
m1.settings.name // 'Daniele'
m2.settings.name // 'Daniele' <- You might have expected 'random'

Fixing the issue is very straightforward and requires to move the properties on the prototype within the constructor.
I was about to propose a pull request when I realised that Facebook wasn't the only service suffering from this problem. At this point I think I'm not sure I can help you further. If you're happy for me to move all the properties on the prototype within the constructor, just let me know and I'll send you a pull request.

Thanks
Daniele

NPM install fails v0.6.x

consider changing

"node": "~0.4.12"

"node": ">=0.4.12"

in package.json since the ~ designates only v0.4.x

Possible compatibility break between 0.4.7 and 0.4.8

Hi there,

We just had a big issue after installing 0.4.8 - all of our facebook authentications stopped working until we reverted to 0.4.7.

I'll investigate further and follow up on this ticket. - Wanted to drop a word on this if anyone experienced similar issues.

( I know I'm 3 months late since 0.4.8 - seems to be a weird edge case.)

Github issue - query param auth deprecated

https://developer.github.com/changes/2020-02-10-deprecating-auth-through-query-param/

Any plan to address this? Should I make a PR? Would it be merged? Should I migrate away to something else?

Hello,

I tried playing around with Authom and Linkedin, below is a snippet of the setup

authom.createServer({
service: 'linkedin',
........
scope: ['r_basicprofile', 'r_emailaddress'],
fields: ['email-address', 'first-name', 'last-name', 'picture-url']
});

I get all the fields requested apart from email-address. Is it possible that email-address is not bound on return?

It's unlikely to be the Linkedin app because r_emailaddress is checked in.

Thanks

npm version is not updated with refresh_token implementation :(

Hi,

npm version seem to be not updated with refresh_token implementation.

Thanks

Need way to pass rejectUnauthorized to authom when using node v0.10.23

With the new security changes with the node https module, self-signed certs are rejected by default. There is an override that can be set called rejectUnauthorized. My thought is to add the override into authom, but I may also not be aware of a workaround. Is this a known issue with workaround or something that should be added to authom? Thanks.

Doesn't emit error content

when emitting an error like you used in twitter.js

if (error) return self.emit("error", req, res, uri.query)

you should emit the error message too, i think it would be good to tell the user why the error happened instead of just sending them the tokens.

Help setting Authom up in a SailsJS app

Could someone look over how I have configured Authom for my Sails app?

I created a policy called "authomAuth", which is "middleware" in Sails speak:

var authom = require('authom');
module.exports = function(req, res, next) {
    authom.listener(req, res);    
    authom.on("auth", function(req, res, data) {        
    })
    authom.on("error", function(req, res, data) {           
    })
    console.log('Using authom policy');
    return next();    
};

I enabled the policy for the "AuthController" in the policy.config file

AuthController: {
        'auth': 'authomAuth'
}

I then created a route as such:

'/auth/:service' : {
        policy: 'authomAuth'
    },

I have left out the forms for the meant time, is my configuration ok?

Thanks

Add keys to separate config file

Feature Request:

Wouldn't it be better to extract your keys, IDs, and so on, into a separate config.js file?

Example:

const config = {

  // mongodb location
  db: 'mongodb://localhost/authom',

  // port
  port: process.env.PORT || 3000,

  // test environment
  test_env: 'test',
  test_db: 'authom-test',
  test_port: 3001,

  // github config
  githubService: 'github',
  githubId: '7e38d12b740a339b2d31',
  githubSecret: '116e41bd4cd160b7fae2fe8cc79c136a884928c3',
  githubState: 'unguessable-random-string'

  // other providers

};

export default config;

Google OAuth Migration

https://developers.google.com/+/api/auth-migration#timetable

According to this the userinfo endpoint will be fully removed, which will break the google oauth.

Services files aren't getting downloaded

meetup.js and twitter.js service files are not getting downloaded using:

npm install authom

Google service in example fails on a different port setting

I cannot use port 80 in my dev machine, so I decided to change the port as in:

var http = require("http")
  , authom = require("../lib/authom")
  , server = http.createServer()
  , port = process.env.PORT || 9000

This results in an error:

That’s an error.
Error: redirect_uri_mismatch
Application: authom_example

Simple password/username support?

I would like to allow users to create new accounts or use existing ones like Facebook for my app. Is this possible? Thanks

request to integrate with express

authom source code looks very clean and easy to understand, but i got a problem to integreate with express,specifically i want to save the authenticated user information into express session.

app.use(express.session({
secret: 'xxx',
store: memoryStore,
}));

i want to set session in authom.on("auth", function(req, res, data) {
req.session.auth=true;
req.session.username= data.user.Name;
})

so that i can check whether user is authenticated or not in express

app.get("secpath",function(){
if(!req.session.auth) redirect("/auth/github"); //<-- but i can not get req.session.auth value as true, the session lost!
})

can someone show how to write a authom middleware for express or other solution?

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.

jed / authom Goto Github PK

authom's Introduction

authom

Example

Supported services

Installation and Setup

FAQ

How can I add my own service?

Why not just use everyauth/passport? How is authom different?

API

authom.createServer(options, [function(req, res){}])

authom.on("auth", function(req, res, data){})

authom.on("error", function(req, res, data){})

authom.listen(server)

authom.listener

authom.registerService(serviceName, Service)

authom.route

authom.app

Providers

37signals (create an app)

Dropbox (create an app)

Dwolla Live (create an app)

Facebook (create an app)

Fitbit (request api key)

Foodspotting (request api key)

Foursquare (create an app)

GitHub (create an app)

Bitbucket (Go to https://bitbucket.org/account/user/YOURACCOUNT/api to create an app)

Google (create an app)

Gowalla (create an app)

Instagram (create an app)

Reddit (create an app)

SoundCloud (create an app)

Trello (create an app)

Twitter (create an app)

Vkontakte (create an app)

Windows Live (create an app)

LinkedIn (create an app)

Extending authom

License

authom's People

Contributors

Stargazers

Watchers

Forkers

authom's Issues

Recommend Projects

Recommend Topics

Recommend Org