-
Notifications
You must be signed in to change notification settings - Fork 0
Installation and basic usage
Like all PassportJS packages, all you need to do is install and declare passport-authentiq
in your application.
$ npm install passport-authentiq
Before using passport-authentiq
, you must register an application with Authentiq.
If you have not already done so, a new application can be created at the
Authentiq Dashboard.
Your application will be issued a client ID and client
secret, which need to be provided to the strategy. You will also need to
configure a callback URL which matches the route in your application.
The AuthentiqID authentication strategy authenticates users that use the AuthentiqID mobile application by using OpenID Connect, which is an identity layer on top of the OAuth 2.0 protocol.
The clientID and clientSecret are obtained when creating an application on the Authentiq Dashboard and need to be supplied as parameters when creating the strategy.
The callbackURL is the URL to which Authentiq will redirect the user after granting authorization.
The scope parameter is an array of permission scopes to request. valid scopes include: 'aq:name', 'email', 'phone', 'address', 'aq:location', 'aq:push' or none.
The strategy also requires a verify
callback, which receives the access token.
The verify
callback must call done
providing a user to complete authentication.
var AuthentiqIDStrategy = require('passport-authentiqid').Strategy;
passport.use(new AuthentiqStrategy({
clientID: 'Authentiq Client ID',
clientSecret: 'Authentiq Client Secret',
callbackURL: 'https://www.example.net/auth/authentiq/callback',
scope: ['aq:name', 'email~rs', 'phone~r', 'aq:push']
},
function (iss, sub, profile, done) {
User.findOrCreate({ authentiqId: profile.id }, function (err, user) {
return done(err, user);
});
}
));
In the above example, additional parameters can be declared in the done callback
Specifically one can use the following, depending on their needs
function (iss, sub, profile, jwtClaims, accessToken, refreshToken, params, done)
function (iss, sub, profile, accessToken, refreshToken, params, done)
function (iss, sub, profile, accessToken, refreshToken, done)
function(iss, sub, profile, done)
function(iss, sub, done)
Use passport.authenticate()
, specifying the 'authentiq'
strategy, to
authenticate requests.
For example, as route middleware in an Express application:
app.get('/auth/authentiq',
passport.authenticate('authentiq'));
app.get('/auth/authentiq/callback',
passport.authenticate('authentiq', { failureRedirect: '/login' }),
function(req, res) {
if (!req.user) {
throw new Error('user null');
}
// Successful authentication, redirect home.
res.redirect("/");
}
);
This should get you up and running quickly.
However if you want more information, you can continue reading to the next chapter about available scopes and response examples.