Node.js with Express
This guide explains the basics of how to sign users in using Node.js and Express.
Note: For a more robust example, see https://github.com/crossid/sample-nodejs.
We use a simple express-openid-connect library that wraps the certified openid-client for the Express framework.
Project Init
Let's init a new project:
mkdir myapp ; cd myapp
npm init -f
npm install express dotenv auth0/express-openid-connect
Configure
express-openid-connect can be configured via environment variables. A minimal .env file would look like:
ISSUER_BASE_URL=https://<TENANT>.crossid.io/oauth2
CLIENT_ID=<CLIENT_ID>
CLIENT_SECRET=<CLIENT_SECRET>
SECRET=<RANDOM_STRING>
BASE_URL=https://localhost
All <> placeholders must be replaced.
- Line 1: <TENANT> is your Crossid tenant. Don't have a tenant yet? Create one for free!
- Line 2: <CLIENT_ID> is the client id you get by telling Crossid about your app.
- Line 3: <CLIENT_SECRET> is the client secret you get by telling Crossid about your app.
- Line 4: Choose a long random string (note: this is not a client secret; it is a secret for protecting the session cookie).
Notes:
- We use https in our BASE_URL to avoid cookie policy issues, so a proxy is needed (see Caddy below).
- The app below requires the redirect_uris to be https://localhost/callback.
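As an added example (not part of the original guide or of express-openid-connect), the startup check below catches an unedited or weak .env before the server starts: leftover <> placeholders, a non-https URL, and a SECRET that is short or reuses CLIENT_SECRET. The function names, the 32-character minimum and the sample values are assumptions made for this example.

```javascript
// Added example: pre-flight check for the .env file described in this guide.
const { randomBytes } = require("node:crypto");

const REQUIRED = ["ISSUER_BASE_URL", "CLIENT_ID", "CLIENT_SECRET", "SECRET", "BASE_URL"];
const PLACEHOLDER = /<[^>]+>/;   // e.g. <TENANT>, <CLIENT_ID>
const MIN_SECRET_LENGTH = 32;    // assumption of this example, not a library limit

// 32 random bytes from the OS CSPRNG, hex-encoded: a 64-character SECRET.
function generateSessionSecret() {
  return randomBytes(32).toString("hex");
}

// Returns a list of human-readable problems; an empty list means the config passes.
function checkOidcEnv(env) {
  const problems = [];
  for (const key of REQUIRED) {
    const value = env[key] || "";
    if (value === "") problems.push(`${key}: missing`);
    else if (PLACEHOLDER.test(value)) problems.push(`${key}: placeholder not replaced`);
    else if (key.endsWith("_URL") && !value.startsWith("https://"))
      problems.push(`${key}: expected an https:// URL`);
  }
  const secret = env.SECRET || "";
  if (secret !== "" && !PLACEHOLDER.test(secret)) {
    if (secret.length < MIN_SECRET_LENGTH)
      problems.push(`SECRET: shorter than ${MIN_SECRET_LENGTH} characters`);
    // The session-cookie secret must not be the OAuth client secret.
    if (secret === env.CLIENT_SECRET)
      problems.push("SECRET: must differ from CLIENT_SECRET");
  }
  return problems;
}

// Constructed sample values (tenant name and credentials are made up).
const sampleEnv = {
  ISSUER_BASE_URL: "https://acme.crossid.io/oauth2",
  CLIENT_ID: "sample-client-id",
  CLIENT_SECRET: "sample-client-secret",
  SECRET: "sample-client-secret",      // reused and too short: both get reported
  BASE_URL: "http://localhost:3005",   // plain http: reported
};
console.log(checkOidcEnv(sampleEnv));
console.log(checkOidcEnv({ ...sampleEnv, SECRET: generateSessionSecret(), BASE_URL: "https://localhost" }));
```

In server.js, the same check can run on process.env right after require("dotenv").config(), refusing to start when the returned list is not empty.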
Server
A minimal server would look like:
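// server.js
const express = require("express");
const { auth } = require("express-openid-connect");
// Load ISSUER_BASE_URL, CLIENT_ID, CLIENT_SECRET, SECRET and BASE_URL from .env
require("dotenv").config();

const app = express();

// auth() reads its settings from the environment; by default every route requires login
app.use(
  auth({
    authorizationParams: {
      response_type: "code id_token",
      audience: "example.com",
      scope: "openid profile",
    },
  })
);

// The app runs behind the reverse proxy, so trust its X-Forwarded-* headers
app.set("trust proxy", true);

app.get("/", (req, res) => {
  res.send(`hello ${req.oidc.user.name}`);
});

app.listen(3005, () => console.log("listening at http://localhost:3005"));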
Let's start a reverse proxy which will route any traffic coming from 443 to port 3005.
caddy reverse-proxy --from localhost:443 --to localhost:3005
(Caddy can be installed via brew install caddy or from https://caddyserver.com/docs/download.)
Start the server and hit https://localhost:
node ./server.js
References
For more information see express-openid-connect