HTTP Proxy + OAuth
JavaScript CSS HTML
Latest commit 2961d42 May 14, 2016 @mnutt mnutt Merge pull request #41 from deigote/deigote-fix-multiple-domains-parsing
Fix support for multiple required domains


Doorman is an http proxy that authenticates via OAuth.

Your organization probably has some internal services that need to be password-protected. You likely also already manage users using an external service. (Github, Google Apps, etc) Wouldn't it be nice if you could delegate your internal app's authentication/authorization to that app?



  • node.js >= 0.8.x


  • npm install
  • copy conf.example.js to conf.js and modify
  • npm start


Doorman uses everyauth for authenticating, so it supports a wide variety of providers for authentication. For authorization, we need to determine which authenticated users to let in. (see lib/modules) So far only the Github and Google modules are complete, but others are fairly easy.


Doorman is pretty much just everyauth ( and node-http-proxy ( grafted together, and those two projects do most of the heavy lifting.



  • bump http-proxy version to fix #32 (AlexRRR)


  • breaking: simplify session cookie config. (see conf.example.js) (kcrayon)
  • pass config file as a second argument (kcrayon)
  • google auth only prompts user when necessary (kuahyeow)
  • reduce github permissions to minimum necessary (dwradcliffe)
  • https support (AndrewJo)
  • conf.environment.js config for using environment variables (pataquets)
  • replace winston logging with stdout/stderr


  • requiredEmail option for github and google modules
  • requiredDomain and requiredOrganization options can be arrays
  • /_doorman/logout route
  • Upgrade everyauth to 0.4.9 (#18)


Licensed under the MIT License. See LICENSE.