Shopify authentication strategy for passport


Passport strategy for authenticating with Shopify using the OAuth 2.0 API.

This module lets you authenticate using Shopify in your Node.js applications. By plugging into Passport, Shopify authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.

npm install -S passport-shopify

NOTE: Unlike other OAuth2 passport strategies, this requires a specific shop if you want it to be dynamic.

The Shopify authentication strategy authenticates users using a Shopify account and OAuth 2.0 tokens. The strategy requires a verify callback, which accepts these credentials and calls done providing a user, as well as options specifying a client ID, client secret, and callback URL.

Static Shop Name:

  new ShopifyStrategy({
    clientSecret: SHOPIFY_CLIENT_SECRET,
    callbackURL: "",
    shop: SHOPIFY_SHOP_SLUG // e.g. ... the `my-shop-name` part 
  function(accessTokenrefreshTokenprofiledone) {
    User.findOrCreate({ shopifyId: }, function (erruser) {
      return done(err, user);

Dynamic Shop Name:

See example folder.

Use passport.authenticate(), specifying the 'shopify' strategy, to authenticate requests.

For example, as route middleware in an Express application:

  passport.authenticate('shopify', {
    scope: [ 'read_products' ],
    shop: 'storename'
  passport.authenticate('shopify', { failureRedirect: '/login' }),
  function(reqres) {
    // Successful authentication, redirect home. 

For a complete, working example, refer to the example.

npm install -d
make test

The MIT License

Copyright (c) 2011- Dantheta and Nick Baugh