See also:
Page Contents
Overview
Use the providers.json
file (in the project root directory) to configure third-party login using loopback-component-passport.
This file contains settings for each third-party authorization provider, in provider and provider-link objects (for example, google-login and google-link).
To load the configuration, add code such as the following to server.js
:
var loopbackPassport = require('loopback-component-passport');
var PassportConfigurator = loopbackPassport.PassportConfigurator;
var passportConfigurator = new PassportConfigurator(app);
// Build the providers/passport config
var config = {};
try {
config = require('../providers.json');
// If using custom passport module
config['custom-example'].verifyMethod = function(req, token, details, verified) {
verified(null, details);
}
} catch (err) {
console.trace(err);
process.exit(1); // fatal
}
Example providers.json
Below is the providers.template.json file provided with loopback-example-passport.
{
"local": {
"provider": "local",
"module": "passport-local",
"usernameField": "username",
"passwordField": "password",
"authPath": "/auth/local",
"successRedirect": "/auth/account"
},
"custom-example": {
"authScheme": "custom",
"provider": "custom-example",
"module": "loopback-passport-custom-strategy-example",
"authPath": "/auth/example",
"example": {
"id": "123",
"username": "example",
"email": "example@email.com",
"emailVerified": true
},
"authOptions": {
"successRedirect": "/auth/success",
"failureRedirect": "/auth/failure"
},
"passReqToVerify": true
},
"facebook-login": {
"provider": "facebook",
"module": "passport-facebook",
"profileFields": ["gender", "link", "locale", "name", "timezone", "verified", "email", "updated_time"],
"clientID": "{facebook-client-id-1}",
"clientSecret": "{facebook-client-secret-1}",
"callbackURL": "http://localhost:3000/auth/facebook/callback",
"authPath": "/auth/facebook",
"callbackPath": "/auth/facebook/callback",
"successRedirect": "/auth/account",
"scope": ["email"],
"authOptions": {
"display": "popup"
}
},
"google-login": {
"provider": "google",
"module": "passport-google-oauth",
"strategy": "OAuth2Strategy",
"clientID": "{google-client-id-1}",
"clientSecret": "{google-client-secret-1}",
"callbackURL": "http://localhost:3000/auth/google/callback",
"authPath": "/auth/google",
"callbackPath": "/auth/google/callback",
"successRedirect": "/auth/account",
"scope": ["email", "profile"]
},
"twitter-login": {
"provider": "twitter",
"authScheme": "oauth",
"module": "passport-twitter",
"callbackURL": "http://localhost:3000/auth/twitter/callback",
"authPath": "/auth/twitter",
"callbackPath": "/auth/twitter/callback",
"successRedirect": "/auth/account",
"consumerKey": "{twitter-consumer-key}",
"consumerSecret": "{twitter-consumer-secret}"
},
"facebook-link": {
"provider": "facebook",
"module": "passport-facebook",
"clientID": "{facebook-client-id-2}",
"clientSecret": "{facebook-client-secret-2}",
"callbackURL": "http://localhost:3000/link/facebook/callback",
"authPath": "/link/facebook",
"callbackPath": "/link/facebook/callback",
"successRedirect": "/link/account",
"scope": ["email", "user_likes"],
"link": true
},
"google-link": {
"provider": "google",
"module": "passport-google-oauth",
"strategy": "OAuth2Strategy",
"clientID": "{google-client-id-2}",
"clientSecret": "{google-client-secret-2}",
"callbackURL": "http://localhost:3000/link/google/callback",
"authPath": "/link/google",
"callbackPath": "/link/google/callback",
"successRedirect": "/link/account",
"scope": ["email", "profile"],
"link": true
}
}
Provider property reference
Common properties
Property | Type | Description | Example | Default |
---|---|---|---|---|
authPath | String | The local URL for authentication | "/auth/facebook" | /auth/<provider> |
authScheme | String | Default is OAuth 2.0 | "oauth" | oAuth 2.0 |
link | Boolean | True if you want to link accounts. | true | false |
module | String | Node module to use | "passport-facebook" | |
provider | String |
Identifies the provider; can be any identifier string. |
"facebook" | |
strategy | String | The name of passport strategy | "OAuth2Strategy" |
OAuth 1.0
Used by Twitter.
Property | Type | Description | Example |
---|---|---|---|
callbackPath | String | A local URL to mount the callback page | "/auth/facebook/callback" |
callbackURL | String | A URL the Service Provider will use to redirect the User back to the Consumer when Obtaining User Authorization is complete | http://localhost:3000/auth/facebook/callback |
consumerKey | String | A value used by the Consumer to identify itself to the Service Provider | |
consumerSecret | String | A secret used by the Consumer to establish ownership of the Consumer Key | |
scope | Array of String | An array of oAuth 1.0 scopes | ["email"] |
successRedirect | String | A local URL for the success login | "/auth/account" |
OAuth 2
Used by Google and Facebook.
Property | Type | Description | Example |
---|---|---|---|
authOptions | Object | In general, the properties map to those of the Facebook login dialog, but property names and other details depend on the Passport provider's implementation; for example passport-facebook. |
"authOptions": {"display": "popup"} |
callbackPath | String | A local URL to mount the callback page | "/auth/facebook/callback" |
callbackURL | String | oAuth 2.0 callback URL | "http://localhost:3000/auth/facebook/callback" |
clientID | String | The client identifier issued to the client during the registration process | |
clientSecret | String | The client secret | |
scope | Array of String | An array of oAuth 2.0 scopes | ["email"] |
successRedirect | String | A local URL for the success login | "/auth/account" |
Local
Property | Type | Description | Example | Default |
---|---|---|---|---|
usernameField | String | The field name for username on the login form | "user" | username |
passwordField | String | The field name for password on the login form | "pass" | password |
successRedirect | String | A local URL for the success login | "/auth/account" | |
setAccessToken | Boolean | Return user profile with `accessToken` information in passport callback | true | false |
Custom
Property | Type | Description | Example | Default |
---|---|---|---|---|
authOptions | Object | Options passed to custom strategy authenticate method |
"authOptions": {"successRedirect": "/auth/success", "failureRedirect": "/auth/failure"} |
|
passReqToVerify | Boolean | Configures if the HTTP request object should be passed to verify method |
true |
false |