Express.js middleware for OpenID Relying Party (aka OAuth 2.0 Client).
This module exposes two middlewares:
.routes()
: install two routes one called/login
and the other one/callback
..protect()
: is a middleware that redirects to/login
if req.session.user is empty. This middleware preserves the url that the user tried to access in the session, so the callback can redirect back to it after a succesful login.
Install
npm i express-openid-connect --save
Requirements
Before installing the routes,
- a body parser middleware for urlencoded content, eg: https://www.npmjs.com/package/body-parser
- a session middleware like express-session or cookie-session.
- node v8 or greater
- express v3 or greater
Usage
const auth = ; app app; app;
Configuration through environment variables
Settings can be provided by environment variables as follows:
ISSUER_BASE_URL=https://my-domain.auth0.com
BASE_URL=https://myapplication.com
CLIENT_ID=xyz
then:
const auth = ;app
License
This project is licensed under the MIT license. See the LICENSE file for more info.