MCPcopy
hub / github.com/bnoguchi/everyauth

github.com/bnoguchi/everyauth @v0.4.9 sqlite

repository ↗ · DeepWiki ↗ · release v0.4.9 ↗
26 symbols 54 edges 62 files 5 documented · 19%
README

everyauth

Authentication and authorization (password, facebook, & more) for your node.js Connect and Express apps.

There is a NodeTuts screencast of everyauth here

There is also a Google Groups (recently created) here to post questions and discuss potential ideas and extensions to the library.

So far, everyauth enables you to login via:

Authenticate Via Credits
Password
Facebook
Twitter
Google
Google Hybrid RocketLabs Development
LinkedIn
Dropbox Torgeir
Tumblr
Evernote Danny Amey
Github
Instagram
Foursquare
Yahoo!
Justin.tv slickplaid
Vimeo slickplaid
37signals (Basecamp, Highrise, Backpack, Campfire)
Readability Alfred Nerstu
AngelList
Dwolla Kenan Shifflett
OpenStreetMap Christoph Giesel
VKontakte (Russian Social Network) Alexey Simonenko
Mail.ru (Russian Social Network) Alexey Gordeyev
Skyrock Rodolphe Stoclin
Gowalla Andrew Kramolisch
TripIt Damian Krzeminski
500px Danny Amey
SoundCloud Chris Leishman
mixi ufssf
Mailchimp Winfred Nadeau
Mendeley Eduard Baun
Stripe Jeff Zabel from Datahero
Salesforce Jeff Zabel from Datahero
Box.net
OpenId RocketLabs Development, Andrew Mee, Brian Noguchi
LDAP / ActiveDirectory Marek Obuchowicz from Korekontrol
Windows Azure Access Control Service (ACS) Dario Renzulli, Juan Pablo Garcia, Matias Woloski from Southworks

everyauth is:

  • Modular - We have you covered with Facebook and Twitter OAuth logins, basic login/password support, and modules coming soon for beta invitation support and more.
  • Easily Configurable - everyauth was built with powerful configuration needs in mind. Configure an authorization strategy in a straightforward, easy-to-read & easy-to-write approach, with as much granularity as you want over the steps and logic of your authorization strategy.
  • Idiomatic - The syntax for configuring and extending your authorization strategies are idiomatic and chainable.

Installation

$ npm install everyauth

Quick Start

Incorporate everyauth into your express app in just 2 easy steps.

  1. Choose and Configure Auth Strategies - Find the authentication strategy you desire in one of the sections below. Follow the configuration instructions.
  2. Add the Middleware to Express

    ```javascript var everyauth = require('everyauth'); // Step 1 code goes here

    // Step 2 code var express = require('express'); var app = express(); app .use(express.bodyParser()) .use(express.cookieParser('mr ripley')) .use(express.session()) .use(everyauth.middleware(app)); ```

Example Application

There is an example application at ./example

To run it:

$ cd example
$ node server.js

Important - Some OAuth Providers do not allow callbacks to localhost, so you will need to create a localhost alias called local.host. Make sure you set up your /etc/hosts so that 127.0.0.1 is also associated with 'local.host'. So inside your /etc/hosts file, one of the lines will look like:

127.0.0.1   localhost local.host

Then point your browser to http://local.host:3000

Tests

$ npm install everyauth --dev

Then, update test/creds.js with credentials that the integration tests use to login to each 3rd party service.

$ make test

Accessing the User

If you are using express or connect, then everyauth provides an easy way to access the user as:

  • req.user from your app server
  • everyauth.user via the everyauth helper accessible from your express views.
  • user as a helper accessible from your express views

To access the user, configure everyauth.everymodule.findUserById and optionally everyauth.everymodule.userPkey. For example, using mongoose:

everyauth.everymodule.findUserById( function (userId, callback) {
  User.findById(userId, callback);
  // callback has the signature, function (err, user) {...}
});

If you need access to the request object the function can have three arguments:

everyauth.everymodule.findUserById( function (req, userId, callback) {

  // use the request in some way ...

  // callback has the signature, function (err, user) {...}
});

Once you have configured this method, you now have access to the user object that was fetched anywhere in your server app code as req.user. For instance:

var app = require('express').createServer()

// Configure your app

app.get('/', function (req, res) {
  console.log(req.user);  // FTW!
  res.render('home');
});

Moreover, you can access the user in your views as everyauth.user or as user.

//- Inside ./views/home.jade
span.user-id= everyauth.user.name
#user-id= user.id

everyauth assumes that you store your users with an id property. If not -- e.g, if you adopt the convention user.uid over user.id -- then just make sure to configure the everyauth.everymodule.userPkey parameter:

everyauth.everymodule.userPkey('uid');

Express Helpers

If you are using express, everyauth comes with some useful dynamic helpers. To enable them:

var express = require('express')
  , everyauth = require('everyauth')
  , app = express.createServer();

everyauth.helpExpress(app);

Then, from within your views, you will have access to the following helpers methods attached to the helper, everyauth:

  • everyauth.loggedIn
  • everyauth.user - the User document associated with the session
  • everyauth.facebook - The is equivalent to what is stored at req.session.auth.facebook, so you can do things like ...
  • everyauth.facebook.user - returns the user json provided from the OAuth provider.
  • everyauth.facebook.accessToken - returns the access_token provided from the OAuth provider for authorized API calls on behalf of the user.
  • And you also get this pattern for other modules - e.g., everyauth.twitter.user, everyauth.github.user, etc.

You also get access to the view helper

  • user - the same as everyauth.user above

As an example of how you would use these, consider the following ./views/user.jade jade template:

.user-id
  .label User Id
  .value #{user.id}
.facebook-id
  .label User Facebook Id
  .value #{everyauth.facebook.user.id}

If you already have an express helper named user, then you can configure everyauth to use a different helper name to access the user object that everyauth manages. To do so, leverage the userAlias option for everyauth.helpExpress:

everyauth.helpExpress(app, { userAlias: '__user__' });

Then, you could access the user object in your view with the helper __user__ instead of the default helper user. So you can compare with the default use of helpers given previously, the alternative leveraging userAlias would look like:

.user-id
  .label User Id
  .value #{__user__.id}
.facebook-id
  .label User Facebook Id
  .value #{everyauth.facebook.user.id}

everyauth also provides convenience methods on the ServerRequest instance req. From any scope that has access to req, you get the following convenience getters and methods:

  • req.loggedIn - a Boolean getter that tells you if the request is by a logged in user
  • req.user - the User document as

Core symbols most depended-on inside this repo

addUser
called by 35
example/server.js
addUser
called by 35
test/app.js
j
called by 22
test/util/expect.js
attr
called by 11
test/util/expect.js
clone
called by 6
lib/utils.js
extractHostname
called by 4
lib/utils.js
renderGenerator
called by 4
lib/modules/password.js
n
called by 4
test/util/expect.js

Shape

Function 26

Languages

TypeScript100%

Modules by API surface

lib/utils.js5 symbols
test/util/expect.js4 symbols
index.js4 symbols
lib/stepSequence.js2 symbols
lib/step.js2 symbols
lib/modules/password.js2 symbols
test/util/satisfy.js1 symbols
test/app.js1 symbols
lib/routeTriggeredSequence.js1 symbols
lib/promise.js1 symbols
lib/modules/oauth.js1 symbols
lib/modules/everymodule.js1 symbols

Dependencies from manifests, versioned

connect2.x · 1×
debug0.x · 1×
expect.js0.x · 1×
express3.x · 1×
jade0.x · 1×
mocha0.x · 1×
node-swt0.x · 1×
node-wsfederation0.x · 1×
oauthhttps://github.com/c · 1×
openid0.x · 1×
request2.x · 1×
satisfy0.x · 1×

For agents

$ claude mcp add everyauth \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact