Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@danreeves/remix-auth-steam
Advanced tools
Readme
This is a Steam strategy for remix-auth library.
Runtime | Has Support |
---|---|
Node.js | ✅ |
Cloudflare | Not tested |
Please, use
npm i remix-auth-steam
or
yarn add remix-auth-steam
To properly use the library, you need to maintain these additional files in your app
directory:
app/services/auth.server.ts
:
import { Authenticator } from "remix-auth";
import { sessionStorage } from "~/services/session.server";
import { SteamStrategy, SteamStrategyVerifyParams } from "remix-auth-steam";
export type User = SteamStrategyVerifyParams;
export let authenticator = new Authenticator<User>(sessionStorage);
authenticator.use(
new SteamStrategy(
{
returnURL: "http://localhost:3000/auth/steam/callback",
apiKey: "YOUR_STEAM_API_KEY", // you can get it here: https://steamcommunity.com/dev/apikey
},
async (user) => user, // perform additional checks for user here, I just leave this to SteamStrategyVerifyParams value
),
);
app/services/session.server.ts
:
import { createCookieSessionStorage } from "remix";
const calculateExpirationDate = (days: number) => {
const expDate = new Date();
expDate.setDate(expDate.getDate() + days);
return expDate;
};
// export the whole sessionStorage object
export let sessionStorage = createCookieSessionStorage({
cookie: {
name: "_session", // use any name you want here
sameSite: "lax", // this helps with CSRF
path: "/", // remember to add this so the cookie will work in all routes
httpOnly: true, // for security reasons, make this cookie http only
secrets: ["s3cr3t"], // replace this with an actual secret
secure: process.env.NODE_ENV === "production", // enable this in prod only
expires: calculateExpirationDate(7), // expire cookie after 7 days
},
});
// you can also export the methods individually for your own usage
export let { getSession, commitSession, destroySession } = sessionStorage;
app/routes/auth/steam.tsx
:
import { LoaderFunction } from "remix";
import { authenticator } from "~/services/auth.server";
export let loader: LoaderFunction = async ({ request }) => {
await authenticator.authenticate("steam", request, {});
};
app/routes/auth/steam/callback.tsx
:
import { LoaderFunction } from "remix";
import { authenticator } from "~/services/auth.server";
export let loader: LoaderFunction = ({ request }) => {
return authenticator.authenticate("steam", request, {
successRedirect: "/",
failureRedirect: "/login",
});
};
After that, navigate to localhost:3000/auth/steam
to check if it works. Here is an example of checking if user is authenticated:
app/routes/index.tsx
:
import { LoaderFunction, useLoaderData } from "remix";
import { authenticator, User } from "~/services/auth.server";
export let loader: LoaderFunction = async ({ request }) => {
const user = await authenticator.isAuthenticated(request);
return user;
};
export default function Index() {
const user: User | null = useLoaderData();
return (
<div style={{ fontFamily: "system-ui, sans-serif", lineHeight: "1.4" }}>
{user ? <h1>User name: {user!.nickname}</h1> : <h1>Not authenticated</h1>}
</div>
);
}
If you are logged in, you should see your username from Steam API, otherwise you will see Not authenticated
message.
Your contributions are highly appreciated! Please, submit any pull requests or issues you found!
FAQs
This is a [Steam](https://steamcommunity.com/) strategy for [remix-auth](https://github.com/sergiodxa/remix-auth) library.
The npm package @danreeves/remix-auth-steam receives a total of 0 weekly downloads. As such, @danreeves/remix-auth-steam popularity was classified as not popular.
We found that @danreeves/remix-auth-steam demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.