express-oauth2-middleware

Provides stateless Bearer token authentication for Express JS ( through a HttpOnly cookie ).

Table of Contents

• Introduction
• Install
• Usage
• Maintainers
• Contribute
• License

Introduction

express-oauth2-middleware facilitates stateless Bearer token authentication for Express JS ( through a HttpOnly cookie ). It automatically enforces OAuth2 authentication on any page in your Express JS app. If you are not logged in it will automatically redirect you to the specified authorization url.

If you are logged in, it will set a HttpOnly cookie which contains the Bearer token and automatically authenticates you on each page/api request.

Note

Do not use this module without CSRF protection enabled. Otherwise your application will be susceptible to CSRF attacks!

Install

This project uses node and npm. Go check them out if you don't have them locally installed!

https://www.npmjs.com/package/express-oauth2-middleware

$ npm install express-oauth2-middleware --save-exact

Usage

Below you can find an example of how to use express-oauth2-middleware :

const initOAuth2Middleware = require('express-oauth2-middleware')
 
// call before you register any other routes on router.
initOAuth2Middleware(app, router, {
    // from the OAuth2 server.
    OAuth2Opts: {
        authorizationURL: '',
        tokenURL: '',
        clientID: '',
        clientSecret: '',
        callbackURL: '',
        userInfoURL: ''
    },
    urls: {
        // Local endpoints.
        callbackURL: '/',
        redirectURL: '/home',
        logoutURL: '/logout',
        userDetailsURL: '/api/user'
    }
})

Maintainers

@justinkames.

Contribute

Feel free to dive in! Open an issue or submit PRs.

vuejs-logger follows the Contributor Covenant Code of Conduct.

License

MIT © Justin Kames