Passgate is yet another OAuth2 library heavily inspired from passport with the subtle difference of having everything configured in one place.
The purpose of passgate is to provide a simple and easy unobtrusive way of authenticating with third party OAUTH2 providers. Right now, it only works with Google OAuth2 but it will be expanded in the near future.
In general, Passgate is a middleware that gets passed a config object and thats it. It will do the dirty work for you.
First install the npm package
npm i passgate
Create a file named google.js
and import the following.
const GoogleStrategy = {
google: {
clientID: 'GOOGLE_CLIENT_ID',
clientSecret: 'GOOGLE_CLIENT_SECRET',
authPath: '/auth/google',
callbackPath: '/auth/google/callback',
revokePath: '/auth/google/revoke',
callbackURL: `${LOCALHOST_URL}/auth/google/callback`,
scope: ['https://www.googleapis.com/auth/youtube'],
access_type: 'offline',
successRedirect: '/',
failureRedirect: '/login',
eventCallbacks: {
onAuthSuccess,
onTokensRefresh,
onAccessRevoke
}
}
}
function onAuthSuccess(
{accessToken, refreshToken, tokenExpiryDate, profile},
done
) {
console.log({accessToken, refreshToken, tokenExpiryDate, profile})
// do DB stuff
done() // this must be called after you finish with DB stuff
}
function onTokensRefresh({access_token, refresh_token, expiry_date}) {
console.log({access_token, refresh_token, expiry_date})
}
function onAccessRevoke(done) {
// do database level stuff
done('INSERT REFRESH TOKEN') // here pass the actual refreshToken from your db
}
module.exports = GoogleStrategy
The above code can be called a Strategy. In this case for Google. As you can see everything is in once place for authenticating and de-authenticating with Google.
Make sure you get your CLIENT_ID and CLIENT_SECRET from Google dev console
// server.js
const express = require('express')
const passgate = require('passgate')
const GoogleStrategy = require('./google')
const app = express()
const port = process.env.PORT || 3000
passgate.init(GoogleStrategy)
app.use(passgate)
app.get('/', async (req, res) => {
res.send('Hello world')
})
app.listen(port, () => console.log(`App running on ${port}!`))
Right now Passgate only works with Express so make sure your project supports that.
- Add Google OAUTH
- Add Facebook OAUTH
- Add Github OAUTH
- @pitops - Idea & Initial work