Code Monkey home page Code Monkey logo

login-with's Introduction

Build Status Coverage Status

About

Stateless authentication microservice for "login-with" functionality, supporting:

  • Twitter
  • GitHub
  • Reddit
  • Facebook
  • ... more to come (PRs welcome)

This microservice must run in a subdomain of yours, e.g. login.yourdamain.com.

<a href='https://login.yourdomain.com/twitter?success=ON_SUCCESS_URL&failure=ON_FAILURE_URL>
  Login with Twitter
</a>

On successfull login two cookies will be created:

  • token - A "JSON Web Token" (JWT) containing profile information and the respective access tokens (Twitter/etc). http-only!
  • profile - A JSON string which containing non-sensitive information (accessible from browser JS):
    • username - string / mandatory, the account specific user alias (e.g. Twitter name)
    • photo - string / pptional, the account specific user image link
    • name - string / optional, the "real" name

The cookies will be available for your toplevel domain and all subdomains. In addition, the cookie's secure flag is set, which means that your other websites/webservices must run over https.

Setup

The configuration is done by means of environment variables.

Mandatory environment variables

  • LW_SESSION_SECRET - The session secret used by the microservice
  • LW_JWT_SECRET - The secret to sign the JSON Web Token (JWT)
  • LW_SUBDOMAIN - The subdomain this microservice runs, e.g. login.yourdomain.com. All other subdomains (e.g. api.yourdomain.com) and the top-level (e.g. yourdomain.com)

Optional environment variables

  • LW_COOKIE_MAXAGE - The max age of the store cookie, defaults to 10 days
  • LW_PROFILE_COOKIENAME - The profile's cookie name, defaults to profile
  • LW_JWT_COOKIENAME - The JSON Web Token's (JWT) cookie name, defaults to jwt

GitHub specific environment variables

You need to create your own GitHub OAuth application. If LW_SUBDOMAIN=login.yourdomain.com your Authorization callback URL must be: https://login.yourdomain.com/github/callback

  • LW_GITHUB_CLIENTID - Your GitHub Client ID
  • LW_GITHUB_CLIENTSECRET - Your GitHub Client Secret

Facebook specific environment variables

You need to create your own Facebook login application. If LW_SUBDOMAIN=login.yourdomain.com your allowed redirects must be: https://login.yourdomain.com/facebook/callback

  • LW_FACEBOOK_APPID - Your Facebook App ID
  • LW_FACEBOOK_APPSECRET - Your Facebook App Secret

Reddit specific environment variables

You need to create your own GitHub OAuth application. If LW_SUBDOMAIN=login.yourdomain.com your Authorization callback URL must be: https://login.yourdomain.com/reddit/callback

  • LW_REDDIT_CLIENTID - Your Reddit Client ID
  • LW_REDDIT_CLIENTSECRET - Your Reddit Client Secret

Twitter specific environment variables

You need to create your own Twitter OAuth application. If LW_SUBDOMAIN=login.yourdomain.com your Authorization callback URL must be: https://login.yourdomain.com/twitter/callback

  • LW_TWITTER_CONSUMERKEY - Your Twitter Consumer Key
  • LW_TWITTER_CONSUMERSECRET - Your Twitter Consumer Secret

Endpoints

  • /twitter - login with Twitter account (if configured through env variables)
  • /github - login with GitHub account (if configured through env variables)
  • /reddit - login with Reddit account (if configured through env variables)
  • /logout - logout and clears the respective cookies

All endpoints expect the query parameteres:

  • success A url to redirect to in case of successful login (use encodeURIComponent for proper escaping)
  • failure A url to redirect to in case of failed login (use encodeURIComponent for proper escaping)

Don't forget to encodeURIComponent on them.

Example

Visit login-with.now.sh. The source code is here.

Deployment with now

  1. Create your secrets for the environment variables
  2. Deploy, e.g. with now
now -e NODE_ENV=production -e LW_SUBDOMAIN=login.yourdomain.com -e LW_SESSION_SECRET=@lw-session-secret \
	-e LW_JWT_SECRET=@lw-token-secret \
	-e LW_REDDIT_CLIENTID=@lw-reddit-clientid -e LW_REDDIT_CLIENTSECRET=@lw-reddit-clientsecret \
	-e LW_GITHUB_CLIENTID=@lw-github-clientid -e LW_GITHUB_CLIENTSECRET=@lw-github-clientsecret \
	-e LW_TWITTER_CONSUMERKEY=@lw-twitter-consumerkey -e LW_TWITTER_CONSUMERSECRET=@lw-twitter-consumersecret \
	--alias login.yourdomain.com

login-with's People

Contributors

lipp avatar

Watchers

S.Y. Lee avatar James Cloos avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.