A rel=me auth middleware implementation in node.js. Works with any connect-type web application


This is a very simple IndieAuth (or rel='me' auth) middleware (Connect) for Node.js. The main design goal is to enable a dead simple auth inside any Connect-type application.

It requires that you use the bodyParser middleware, the cookieParser middleware (for the session).

var express = require('express');
var relme = require('./index.js');
var app = express();
  secret: "A secret for the Sessions encryption"
app.use(relme.middleware({})); // {} is for options. See below. 
// Protect private resources like this. 
app.get('/private', relme.authenticated ,function(reqres){
  res.end('This is a scret that you can now only if you're authentified.');

Current providers include: OStatus sites, Twitter, Google, Github. If you want to support IndieAuth, make sure you support OAuth2, provide rel=me links on your profiles pages.

Test it in on ...

You can initialize the middleware by providing a configuration object. Options include

  • prefix: the prefix for all the relmeauth urls. Default is relmeauth. Change it if it conflicts with your application.
  • authPage: the page on which the user will be asked to submit his indieAuth url. The form must be of GET method and the url provided' name must be me.
  • authErrorPage: the page on which error messages will be displayed. The error message is accessible in response.authError


  prefix: 'auth',
  authPage = function(reqresnext) {
    // Render whatever makes sense to render on the authPage. You can also redirect... etc. 
  authErrorPage = function(reqresnext) {
    // Render whatever makes sense to render on the authErrorPage 
Thank you
Special thanks go to [ciaranj]( for his [node-auth]( NPM, and praise goes to [jaredhanson]( for his willingness to make [passport]( simpler to use!