Nuclear Planning Manual

    passport-wix-app

    1.0.8 • Public • Published

    passport-wix-app

    Build Status npm version

    codecov bitHound Overall Score bitHound Dependencies npm downloads

    Gratipay

    Wix Application authentication strategy for Passport.

    Useful helper for Wix Application developers

    Install

    $ npm install -S passport-wix-app

    Usage

    This module parses instance parameter passed by Wix Applications (see documentation 🌐)

    Wix sends several other parameters (not only instance). You could get their values straight from the original request. Just pass passReqToCallback: true among other Strategy options.

    Additional request's parameters depend on Wix Application type. Read more on the official Wix-Dev site:

    Configure Strategy

    The wix-app authentication strategy authenticates a user using instance parameter, passed by Wix 🌐.

    The strategy requires options and verify callback.

    passport.use(new WixAppStrategy({"secret": "WIX-APP-SECRET"},
      function verifyCallback (instance, done) {
     
        // any user-verification logic
        // ...
        // here is an example:
        User.findOne({
          application: instance.instanceId,
          userId: instance.uid
        }, function (err, user) {
          // error during verification
          if (err) { return done(err) }
     
          // user is not found/not authenticated
          if (!user) { return done(null, false) }
     
          // success:
          return done(null, user)
        })
      }
    ))

    Options

    You can pass additional options to the WixAppStrategy constructor:

    new WixAppStrategy(options, callback)

    The available options are:

    • passReqToCallback - determines whether to pass the incoming request (req) to the verify callback
    • secret - Optional, defaults to null. Defines the secret assigned to your Wix Application. Note that you can omit secret on a configuration step and pass secret on request handling, when the app will call passport.authenticate() method.

    Verification callback

    Verification callback will be called with several params (see passReqToCallback in options-section):

    Parsed Instance

    Example of parsed instance (taken from Wix-documentation 🌐 and extended with custom fields - ext):

    parsedInstance = {
        "instanceId":       "bf296da1-75ce-48e6-9f72-14b7148d4fa2",
        "signDate":         "2015-12-10T06:57:37.201Z",
        "uid":              "da32cbf7-7f8b-4f9b-a97e-e67f3072ce92",
        "permissions":      "OWNER",
        "ipAndPort":        "91.199.119.13/35734",
        "vendorProductId":  null,
        "originInstanceId": "c38e4e00-dcc1-433e-9e90-b332def7b342",
        "siteOwnerId":      "da32cbf7-7f8b-4f9b-a97e-e67f3072ce92",
     
        // additional params:
        "ext": {
            "ip":           "91.199.119.13",
            "port":         35734,
            "signDate":     new Date(2015, 11, 10, 06, 57, 37, 201)
        },
    }

    Authenticate Requests

    Use passport.authenticate(), specifying the 'wix-app' strategy, to authenticate requests.

    For example, as route middleware in an Express 🌐 application:

    app.post('/login',
      passport.authenticate('wix-app', { failureRedirect: '/login' }),
      function(req, res) {
        res.redirect('/');
      });

    Or, with late-loaded secret:

    app.post('/login',
      passport.authenticate('wix-app', {
        secret: 'secret-key',
        failureRedirect: '/login'
      }),
      function(req, res) {
        res.redirect('/');
      });

    Credits

    The passport-local 🌐 (by Jared Hanson) was used as a scaffold for this module.

    License

    Please, read the LICENSE file in the root of the repository (or downloaded package).

    Install

    npm i passport-wix-app

    DownloadsWeekly Downloads

    11

    Version

    1.0.8

    License

    MIT

    Last publish

    Collaborators

    • maxkoryukov