relmeauth

A rel=me auth middleware implementation in node.js. Works with any connect-type web application

npm install relmeauth
12 downloads in the last month

Relmeauth

This is a very simple IndieAuth (or rel='me' auth) middleware (Connect) for Node.js. The main design goal is to enable a dead simple auth inside any Connect-type application.

Install

npm install relmeauth

Dependencies

It requires that you use the bodyParser middleware, the cookieParser middleware (for the session).

Example/Usage

var express = require('express');
var relme = require('relmeauth');

var app = express();
app.use(express.bodyParser());
app.use(express.cookieParser());
app.use(express.session({
  secret: "A secret for the Sessions encryption"
}));
app.use(relme.middleware({
  root: 'http://127.0.0.1:8080',
  providers: {
    'google.com': {
      id: 'xxxxx',
      secret: 'yyyyy'
    },
    'github.com': {
      id: 'xxxxx',
      secret: 'yyyyy'
    }
  }
}));

app.get('/private', relme.authenticated ,function(req, res){
  res.end('This is a scret that you can now only if youre authentified.');
});

app.listen(8080)

Current providers include: Google, Github, with OStatus sites, Twitter, to come. If you want to support IndieAuth, make sure you support OAuth2, provide rel=me links on your profiles pages.

Test it in on this site.

Customization

You can initialize the middleware by providing a configuration object. Options include

  • prefix: the prefix for all the relmeauth urls. Default is relmeauth. Change it if it conflicts with your application.
  • authPage: the page on which the user will be asked to submit his indieAuth url. The form must be of GET method and the url provided' name must be me.
  • authErrorPage: the page on which error messages will be displayed. The error message is accessible in response.authError

Example:

app.use(relme.middleware({
  prefix: 'auth',
  root: 'http://127.0.0.1:8080',
  authPage = function(req, res, next) {
    // Render whatever makes sense to render on the authPage. You can also redirect... etc.
  }
  authErrorPage = function(req, res, next) {
    // Render whatever makes sense to render on the authErrorPage
  }
}));

Thank you

Special thanks go to ciaranj for his node-auth NPM, and praise goes to jaredhanson for his willingness to make passport simpler to use!

npm loves you