Reddit authentication strategy for Passport.
This module lets you authenticate using Reddit in your Node.js applications. By plugging into Passport, Reddit authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.
$ npm install passport-reddit
The Reddit authentication strategy authenticates users using a Reddit
account and OAuth 2.0 tokens. The strategy requires a
verify callback, which
accepts these credentials and calls
done providing a user, as well as
options specifying a client ID, client secret, and callback URL.
passportuseclientID: REDDIT_CONSUMER_KEYclientSecret: REDDIT_CONSUMER_SECRETcallbackURL: ""UserfindOrCreate redditId: profileidreturn doneerr user;;;
passport.authenticate(), specifying the
'reddit' strategy, to
For example, as route middleware in an Express application:
appget'/auth/reddit'reqsessionstate = cryptorandomBytes32toString'hex';passportauthenticate'reddit'state: reqsessionstateduration: 'permanent'req res next;;appget'/auth/reddit/callback'// Check for origin via state tokenif reqquerystate == reqsessionstatepassportauthenticate'reddit'successRedirect: '/'failureRedirect: '/login'req res next;elsenext 403 ;;
state option use
Reddit requires state, otherwise erring out.
I've decided to opt out of providing default state, since it kills the whole purpose of the flag.
If you don't want to use it, provide any string and don't check for it on user return.
If you think this is a stupid requirement, fill an issue with reddit.
Once they remove it, this middleware will simply work.
Also included is the optional
duration parameter, to request a slightly longer authorization.
temporary (1 hour).
Defined in the official Reddit OAuth spec
For a complete, working example, refer to the login example.
$ npm install --dev $ make test
Original work Copyright (c) 2012-2013 Jared Hanson <http://jaredhanson.net/>
Modified work Copyright (c) 2013 Dmytro Soltys <http://slotos.net/>
Modified work Copyright (c) 2013 Brian Partridge <http://brianpartridge.com/>