GithubHelp home page GithubHelp logo

hhy5277 / login-with Goto Github PK

View Code? Open in Web Editor NEW

This project forked from lipp/login-with

0.0 2.0 0.0 330 KB

Stateless login-with microservice for OAuth

Home Page: https://login-with.com

License: MIT License

JavaScript 100.00%

login-with's Introduction

Build Status Coverage Status

About

Stateless authentication microservice for "login-with" functionality, supporting:

  • Twitter
  • GitHub
  • Reddit
  • Facebook
  • Google
  • Mixer
  • ... more to come (PRs welcome)

You can deploy with now or Docker (for mandatory and optional env variables see below).

$ now lipp/login-with
$ docker run lipp/login-with

This microservice must run in a subdomain of yours, e.g. login.yourdomain.com.

<a href='https://login.yourdomain.com/twitter?success=ON_SUCCESS_URL&failure=ON_FAILURE_URL'>
  Login with Twitter
</a>

On successful login two cookies will be created:

  • jwt - A "JSON Web Token" (JWT) containing profile information and the respective access tokens (Twitter/etc). http-only!
  • profile - A JSON string which containing non-sensitive information (accessible from browser JS):
    • username - string / mandatory, the account specific user alias (e.g. Twitter name) ย - photo - string / optional, the account specific user image link
    • name - string / optional, the "real" name

The cookies will be available for your toplevel domain and all subdomains. In addition, the cookie's secure flag is set, which means that your other websites/webservices must run over https.

Setup

The configuration is done by means of environment variables.

Mandatory environment variables

  • LW_SESSION_SECRET - The session secret used by the microservice
  • LW_JWT_SECRET - The secret to sign the JSON Web Token (JWT)
  • LW_SUBDOMAIN - The subdomain this microservice runs, e.g. login.yourdomain.com. All other subdomains (e.g. api.yourdomain.com) and the top-level (e.g. yourdomain.com)

Optional environment variables

  • LW_COOKIE_MAXAGE - The max age of the store cookie, defaults to 10 days
  • LW_PROFILE_COOKIENAME - The profile's cookie name, defaults to profile
  • LW_JWT_COOKIENAME - The JSON Web Token's (JWT) cookie name, defaults to jwt

GitHub specific environment variables

You need to create your own GitHub OAuth application. If LW_SUBDOMAIN=login.yourdomain.com your Authorization callback URL must be: https://login.yourdomain.com/github/callback

  • LW_GITHUB_CLIENTID - Your GitHub Client ID
  • LW_GITHUB_CLIENTSECRET - Your GitHub Client Secret

Google specific environment variables

You need to create your own Google OAuth application. If LW_SUBDOMAIN=login.yourdomain.com your Authorization callback URL must be: https://login.yourdomain.com/google/callback

  • LW_GOOGLE_CLIENTID - Your Google Client ID
  • LW_GOOGLE_CLIENTSECRET - Your Google Client Secret

Facebook specific environment variables

You need to create your own Facebook login application. If LW_SUBDOMAIN=login.yourdomain.com your allowed redirects must be: https://login.yourdomain.com/facebook/callback

  • LW_FACEBOOK_APPID - Your Facebook App ID
  • LW_FACEBOOK_APPSECRET - Your Facebook App Secret

Reddit specific environment variables

You need to create your own GitHub OAuth application. If LW_SUBDOMAIN=login.yourdomain.com your Authorization callback URL must be: https://login.yourdomain.com/reddit/callback

  • LW_REDDIT_CLIENTID - Your Reddit Client ID
  • LW_REDDIT_CLIENTSECRET - Your Reddit Client Secret

Twitter specific environment variables

You need to create your own Twitter OAuth application. If LW_SUBDOMAIN=login.yourdomain.com your Authorization callback URL must be: https://login.yourdomain.com/twitter/callback

  • LW_TWITTER_CONSUMERKEY - Your Twitter Consumer Key
  • LW_TWITTER_CONSUMERSECRET - Your Twitter Consumer Secret

Mixer specific environment variables

You need to create your own Mixer OAuth Client. If LW_SUBDOMAIN=login.yourdomain.com your Authorization callback URL must be: https://login.yourdomain.com/mixer/callback

  • LW_MIXER_CLIENTID - Your Mixer Client ID
  • LW_MIXER_CLIENTSECRET - Your Mixer Client Secret

Endpoints

  • /twitter - login with Twitter account (if configured through env variables)
  • /facebook - login with Facebook account (if configured through env variables)
  • /github - login with GitHub account (if configured through env variables)
  • /google - login with Google account (if configured through env variables)
  • /reddit - login with Reddit account (if configured through env variables)
  • /mixer - login with Mixer account (if configured through env variables)
  • /logout - logout and clears the respective cookies

All endpoints expect the query parameters:

  • success A url to redirect to in case of successful login (use encodeURIComponent for proper escaping)
  • failure A url to redirect to in case of failed login (use encodeURIComponent for proper escaping)

Don't forget to encodeURIComponent on them.

Example

Visit login-with.now.sh. The source code is here.

Deployment with now

Note: You need a custom domain to run this microservice with now. Chrome (and maybe other browsers) explicitly prevent usage of wildcard cookies on .now.sh, which are required for this microservice to work.

  1. Create your secrets for the environment variables
  2. Deploy, e.g. with now
now lipp/login-with \
	-e NODE_ENV=production \
	-e LW_SUBDOMAIN=login.yourdomain.com \
	-e LW_SESSION_SECRET=@lw-session-secret \
	-e LW_JWT_SECRET=@lw-token-secret \
	-e LW_REDDIT_CLIENTID=@lw-reddit-clientid \
	-e LW_REDDIT_CLIENTSECRET=@lw-reddit-clientsecret \
	-e LW_GITHUB_CLIENTID=@lw-github-clientid \
	-e LW_GITHUB_CLIENTSECRET=@lw-github-clientsecret \
	-e LW_TWITTER_CONSUMERKEY=@lw-twitter-consumerkey \
	-e LW_TWITTER_CONSUMERSECRET=@lw-twitter-consumersecret \
	--alias login.yourdomain.com

Deployment with Docker

  1. Create your secrets for the environment variables
  2. Deploy, e.g. with Docker
docker run lipp/login-with -p 80:3000 \
	-e NODE_ENV=production \
	-e LW_SUBDOMAIN=login.yourdomain.com \
	-e LW_SESSION_SECRET=@lw-session-secret \
	-e LW_JWT_SECRET=@lw-token-secret \
	-e LW_REDDIT_CLIENTID=@lw-reddit-clientid \
	-e LW_REDDIT_CLIENTSECRET=@lw-reddit-clientsecret \
	-e LW_GITHUB_CLIENTID=@lw-github-clientid \
	-e LW_GITHUB_CLIENTSECRET=@lw-github-clientsecret \
	-e LW_TWITTER_CONSUMERKEY=@lw-twitter-consumerkey \
	-e LW_TWITTER_CONSUMERSECRET=@lw-twitter-consumersecret \

login-with's People

Contributors

jeffreylo avatar kahwee avatar lipp avatar probableprime avatar stevenharman avatar tomkp avatar

Watchers

avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.