npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

hapi-auth-github

v2.1.2

Published

Quick & Simple GitHub Authentication for Hapi.js apps

Downloads

29

Readme

hapi-auth-github makes it easy to

GitHub Authentication Plugin for Hapi.js Apps with detailed documentation.

Build Status Test Coverage JavaScript Style Guide Code Climate Dependency Status devDependencies Status

Why?

We use GitHub for all our coding projects and are building a tool to keep track of all them: https://github.com/dwyl/tudo

Given that other people will have projects that need GitHub Authentication,
we have de-coupled our OAuth code into this re-useable Hapi Plugin.

If you have any questions or would like to contribute to this module, please get in touch: Join the chat at https://gitter.im/dwyl/chat

What?

An easy-to-use Hapi.js plugin that gives you GitHub OAuth Authentication
in a few simple steps and has human-readable, maintained code.

Note: if you are new to Hapi check out: https://github.com/dwyl/learn-hapi

How?

If you're new to GitHub Authentication, and want to understand how it works, read the GitHub OAuth Web Application flow:
https://developer.github.com/v3/oauth/#web-application-flow

Or, if you just need to get up and running fast, follow these simple steps:

1. Install hapi-auth-github from NPM

Install the plugin from npm and save it to your package.json:

npm install hapi-auth-github --save

2. Create an App on GitHub

Follow the instructions in: GITHUB-APP-STEP-BY-STEP-GUIDE.md

3. Export the Required Environment Variables

Once you've created your app following the GitHub App Step-by-Step Guide

Export the Environment Variables:

BASE_URL=http://localhost:8000 # same as Authorized JavaScript Origin
GITHUB_CLIENT_ID=YourGitHubClientID
GITHUB_CLIENT_SECRET=SuperSecret
GITHUB_AUTH_REDIRECT_URL=/githubauth
PORT=8000

# Optionals
# (If you are using hapi-auth-jwt2)
JWT_SECRET=ItsNoSecretBecauseYouToldEverybody
# If you are using custom instance of GitHub
GITHUB_HOSTNAME=github.mycompany.com
GITHUB_API_HOSTNAME=api.github.mycompany.com

Notes on Environment Variables:

Tip: If you (or anyone on your team) are new to Environment Variables or need a refresher,
see: https://github.com/dwyl/learn-environment-variables

We named/exported the 5 variables prefixed with GITHUB_ to distinguish them from other services you may be using which may also have an environment variable named CLIENT_ID...

The BASE_URL is required to know which url your app is using. it needs to be identical to the Authorized JavaScript Origin that you set in step 2 above.

The GITHUB_AUTH_REDIRECT_URL is the url (endpoint) where GitHub will send the initial OAuth2 code to confirm your application is real. Make sure that the url is identical to the one you defined when setting up your app on GitHub. e.g: http://localhost:8000/githubauth

The GITHUB_HOSTNAME and GITHUB_API_HOSTNAME let's you define other instance of GitHub e.g. enterprise. Defaults are github.com and api.github.com accordingly.

4. Create Your (Custom) Handler Function

This is where you decide what to do with the person's profile details
once they have authorized your App to use their GitHub details.

Your custom handler should have the following signature:

function custom_handler(request, reply, tokens, profile) {
  // save the profile as a session so you can personalize their experience of your app
  // use the reply() to send a response/view to the visitor
}

The handler function parameters are:

  • request is the hapi request object with all the properties.
  • reply is the standard hapi reply object used to send your response to the client or send a rendered view.
  • tokens are the OAuth2 tokens returned by GitHub for the session see: sample_auth_token.json
  • profile is the person's GitHub profile see: sample_profile.json

For an example custom_handler, see: example/github_oauth_handler.js

5. Register the Plugin into your Hapi.js Server

The final step is to register the plugin into your Hapi.js Server declaring your desired options:

// declare your desired options for the plugin
var opts = {
  handler: require('./github_oauth_handler.js'), // your handler
  SCOPE: 'user' // ask for their public email address
};

server.register([{ register: require('hapi-auth-github'), options:opts }],
 function (err) {
  if(err){
    // handle the error if the plugin failed to load:  
  }
  // the rest of your app ...
});

options explained

  • handler - the handler you defined above in step 4 which is your custom logic for GitHub auth enabled app.
  • SCOPE - these are the permissions your app is requesting.

Implementation Notes:

To run the example you will need an extra environment variable:

BASE_URL=http://localhost:8000 # same as Authorized JavaScript Origin
GITHUB_CLIENT_ID=YourGitHubClientID
GITHUB_CLIENT_SECRET=SuperSecret
GITHUB_AUTH_REDIRECT_URL=/githubauth
PORT=8000
# Optionally (If you are using hapi-auth-jwt2)
JWT_SECRET=ItsNoSecretBecauseYouToldEverybody

Also, if you're wondering what that JWT_SECRET Environment Variables is for,
see: https://github.com/dwyl/learn-json-web-tokens

Background Reading

  • Basics: https://developer.github.com/guides/basics-of-authentication
  • Intro to OAuth2: https://www.digitalocean.com/community/tutorials/an-introduction-to-oauth-2
  • GitHub OAuth Scopes: https://developer.github.com/v3/oauth/#scopes (what you should ask to access on a person' GitHub account)