passport-ldsauth

Node.js / ExpressJS / PassportJS OAuth2 authentication strategy for connecting with LDS.org

passport-lds-connect

Passport strategy for authenticating with ldsconnect.org / LDS.org using the OAuth 2.0 API.

This module lets you authenticate using LDS.org in your Node.js applications. By plugging into Passport, LDS.org authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.

Questions? Comments? Leave an issue or join the discussion on Google Groups

npm install passport-lds-connect --save
npm install lds-connect-proxy --save

See Passport LDS Connect Example

The ldsconnect authentication strategy authenticates users using an LDS.org account and OAuth 2.0 tokens. The strategy requires a verify callback, which accepts these credentials and calls done providing a user, as well as options specifying a app ID, app secret, and callback URL.

passport.use(new LdsConnectStrategy({
    // These are the working demo app id and app secret 
    clientID: '55c7-test-bd03',
    clientSecret: '6b2fc4f5-test-8126-64e0-b9aa0ce9a50d',
 
    // defaults to '/api/ldsorg/me', which is not as easy to use 
    profileUrl: '/api/ldsconnect/me',
 
    // local.ldsconnect.org points to 127.0.0.1 and is an authorized domain for demo apps 
    callbackURL: "http://local.ldsconnect.org:3000/oauth2/ldsconnect/callback"
  },
  function(accessTokenrefreshTokenprofiledone) {
    if (profile.guest) {
      // this is the built-in dummy user 'dumbledore', not an actual user 
      // be aware that anyone can log into ldsconnect.org with this test user. 
      // The intent is that they can experiment with your app if they don't yet 
      // have an lds.org account and see if it it's worth the hassle of 
      // finding their MRN to sign up 
    }
    User.findOrCreate({ ldsOrgId: profile.currentUserId }, function (erruser) {
      return done(err, user);
    });
  }
));

If you're making any requests in the browser you'll also want to use lds-connect-proxy until ldsconnect.org supports CORS.

Use passport.authenticate(), specifying the 'ldsconnect' strategy, to authenticate requests.

For example, as route middleware in an Express application:

app.get(
  '/oauth2/ldsconnect'
, passport.authenticate('ldsconnect')
);
 
// On success this falls through to the second route 
app.get(
  '/oauth2/ldsconnect/callback'
, passport.authenticate('ldsconnect', { failureRedirect: '/login' })
);
app.get(
  '/oauth2/ldsconnect/callback'
, function (reqres) {
    // Successful authentication, redirect home. 
    res.redirect('/');
  }
);

The MIT License

Copyright (c) 2014 AJ ONeal <http://coolaj86.com/>