#passportjs

We all must have built a simple authentication system using conventional username and password in our Node.js application. Providing users only one option to log in could snatch away the ease of use from your users. Let us all agree that we tend to use features (if available) like “Login with Facebook”, “Login with Google” instead of signing up and generating a brand new username/password. The repetitive process and setting up your profile for various applications is time-consuming, irritating, and frustrating; moreover, remembering usernames and passwords for all these apps becomes difficult.

To avoid such chaos, one must include social logins in one’s applications. Because of OAuth, we can easily use social media like Facebook, Twitter, and Google for user authentication.

In this tutorial, we will learn How to Implement PassportJS authentication in NodeJS. Here, we will use Facebook Login Feature in our Node.js application. Without further ado, let’s begin our tutorial.

What is PassportJS?

According to documentation,

“Passport is authentication middleware for Node.js. Extremely flexible and modular, a Passport can be unobtrusively dropped into any Express-based web application. A comprehensive set of strategies support authentication using a username and password, Facebook, Twitter, and more.“

Note from the developer– I have tried to explain this blog post in the easiest way possible. I have just focused on the core functionality, i.e., to implement “Login with Facebook.” At the production level, one must add many other things like session management using JWT, etc. I have not included those things here for the sake of simplicity and understanding.

Let’s get started with the PassportJS authentication tutorial.

PassportJS Authentication in NodeJS Example: Steps to Implement Facebook Login Feature in Node.js Application

Follow the step-by-step guide to implement Facebook authentication using NodeJS and PassportJS. Don’t worry, by the end of this tutorial you will be able to implement it by yourself.

Creating Facebook Developer Account

To implement “Login with Facebook” on any web application, you will need “client id” and “client secret.” These two parameters ensure a secure oAuth connection between our Node app and Facebook. To get these, you will need to create a Facebook developer account. So head on to https://developers.facebook.com/ and create a new account.

After creating a Facebook developer account, you will need to create a “test” app which will provide you with app/client id and app/client secret. Also, you need to register your URL, which is going to request Facebook for authentication. (We will look at this in detail later).

After creating and logging into the Facebook developer account, you’ll see the option “Create App.” Hit that option, and you will see something like the image shown below. Select “consumer” as the type of app.

A new project required me to build a REST API that can authenticate a user and pass them back a json web token (JWT) for a cross-platform app. I decided that, as I wanted the ability to expand the service to use authentication providers such as Google and Facebook that passport.js was a pretty good option. Having no experience with it I searched around but couldn't find how to use it without enabling sessions. Eventually I worked it out and thought I'd share the code snippet in case anyone else is struggling with this.

I'm using a local strategy that I created to insert a user into the database (there are loads of tutorials on strategies and stuff all over the place but this one at scotch.io is really nice and very comprehensive). Instead of redirecting the user to another view I simply carry on with the standard Express req, res flow, sign the user object to create a JWT and then passing that back to the client as shown in the image below.

This allows you to use the passport middleware but also have control over what you pass back to the user and how you do it.

Oh yeah and these are the packages you'll need to do this:

Image generated using https://carbon.now.sh

I want to create an interactive website for Hearthstone tournaments with NodeJS. user shall be able to create own tournaments, and I want to host somewhat like "Ranked” tournaments. So what do we need to make that happen only with Javascript and HTML5? Well we need the following things:

a webframework: Express 4.x.x

a Database with realtime data polling: RethinkDB

(I hate mongoDB Schematiks)

realtime communication: socket.io( known for stuff like agar.io)

and something to make everything fancy: p5.js

And of course usermanagement: passportjs