
@salla.sa/passport-strategy
Passport strategy is used with Salla as an authentication middleware module using the OAuth 2.0 API.
This module enables you to implement the authentication process using Salla within your Node.js applications. By plugging it into Passport, Salla authentication can be quickly and unobtrusively implemented into any application or framework that supports connect-style middleware, including Express.js.
For more information about Salla's OAuth 2.0 implementation, check our Web API Authorization Guide.
$ npm install @salla.sa/passport-strategy
The Salla authentication strategy authenticates users using a Salla Merchant Account and OAuth 2.0 tokens. This strategy requires a verify callback, which accepts these credentials and calls done providing a user, as well as options specifying a client ID, client secret, and callback URL.
const express = require("express");
const passport = require("passport");
const SallaAPIFactory = require("@salla.sa/passport-strategy");

const app = express();
const port = 8081;

// Initialize the Salla API
const SallaAPI = new SallaAPIFactory({
  clientID: "CLIENT_ID", // The client ID assigned to you by Salla in the Salla Partner Portal
  clientSecret: "CLIENT_SECRET", // The client secret assigned to you by Salla in the Salla Partner Portal
  callbackURL: "http://localhost:8081/oauth/callback", // the /oauth/callback route in your service
});

// Use the Salla Strategy within Passport.
passport.use(SallaAPI.getPassportStrategy());

// Save the token and user data to your selected database
SallaAPI.onAuth((accessToken, refreshToken, expires_in, user) => {
  /*
    accessToken
    refreshToken
    expires_in
    user
  */
});

/*
  When your user logs in to your application, you can retrieve the access token and use
  it to access the Salla APIs through SallaAPI.setAccessToken.

  SallaAPI.setAccessToken(
    ACCESS_TOKEN_FROM_DATABASE,
    REFRESH_TOKEN_FROM_DATABASE,
    EXPIRES_IN_FROM_DATABASE,
    USER_PROFILE_FROM_DATABASE
  );
*/

// Set the Salla Express middleware
app.use((req, res, next) => SallaAPI.setExpressVerify(req, res, next));

// GET /
// Render the index page
app.get("/", function (req, res) {
  res.send({ user: req.user });
});

// GET /oauth/redirect
// Use passport.authenticate() as route middleware to authenticate the
// request. The first step in Salla authentication will involve redirecting
// the user to accounts.salla.sa. After authorization, Salla will redirect the user
// back to this application at /oauth/callback
app.get("/oauth/redirect", passport.authenticate("salla"));

// GET /oauth/callback
// Use passport.authenticate() as route middleware to authenticate the
// request. If authentication fails, the user will be redirected back to the
// login page. Otherwise, the primary route function will be called,
// which, in this example, will redirect the user to the home page.
app.get(
  "/oauth/callback",
  passport.authenticate("salla", { failureRedirect: "/login" }),
  function (req, res) {
    res.redirect("/");
  }
);

app.listen(port, function () {
  console.log("App is listening on port " + port);
});
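The `onAuth` callback above is the point where the access and refresh tokens reach your database. As an added example (not part of the Salla README or package), the code below seals the tokens with AES-256-GCM before storage and binds each ciphertext to the merchant it belongs to; `sealTokens`, `openTokens`, the record layout and the `merchantId` value are assumptions made for illustration.

```javascript
const nodeCrypto = require("node:crypto");

// Assumption: in production the 32-byte key comes from a secret store.
// A random key is generated here only so the example runs on its own.
const TOKEN_KEY = nodeCrypto.randomBytes(32);

// Encrypt the tokens handed to SallaAPI.onAuth() before they are persisted.
// merchantId (hypothetical row key) is bound in as additional authenticated
// data, so a ciphertext copied onto another merchant's row fails to decrypt.
function sealTokens(key, merchantId, tokens) {
  const iv = nodeCrypto.randomBytes(12); // fresh 96-bit nonce for every record
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", key, iv);
  cipher.setAAD(Buffer.from(String(merchantId)));
  const data = Buffer.concat([
    cipher.update(JSON.stringify(tokens), "utf8"),
    cipher.final(),
  ]);
  return {
    merchantId: String(merchantId),
    iv: iv.toString("base64"),
    tag: cipher.getAuthTag().toString("base64"),
    data: data.toString("base64"),
  };
}

// Decrypt a stored record; throws if key, merchantId, tag or data were altered.
function openTokens(key, record) {
  const iv = Buffer.from(record.iv, "base64");
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", key, iv);
  decipher.setAAD(Buffer.from(String(record.merchantId)));
  decipher.setAuthTag(Buffer.from(record.tag, "base64"));
  const plain = Buffer.concat([
    decipher.update(Buffer.from(record.data, "base64")),
    decipher.final(),
  ]);
  return JSON.parse(plain.toString("utf8"));
}

// Constructed sample values standing in for what onAuth() receives.
const sealed = sealTokens(TOKEN_KEY, 1001, {
  accessToken: "sample-access-token",
  refreshToken: "sample-refresh-token",
});
console.log(openTokens(TOKEN_KEY, sealed).accessToken); // sample-access-token
```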
Refresh tokens can be received by calling the SallaAPI.refreshToken() function, which returns a Promise.
const SallaAPI = require("@salla.sa/passport-strategy");

SallaAPI.requestNewAccessToken(SallaAPI.getRefreshToken())
  .then(({ accessToken, newRefreshToken }) => {
    // save new access token and refresh token to your database
  })
  .catch((err) => {
    // no response object exists in this snippet; log the failure server-side
    console.error("Salla token refresh failed:", err);
  });
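The refresh call above returns a new refresh token together with the access token, so two requests that refresh at the same time can overwrite each other's stored pair. As an added example (not part of the Salla README or package), the helper below refreshes shortly before expiry and shares one in-flight refresh between callers; `createTokenManager`, the `refresh` and `save` callbacks, the 60-second skew and an `expiresAt` value in epoch milliseconds are assumptions, with `refresh` standing in for a wrapper around `SallaAPI.requestNewAccessToken`.

```javascript
// refresh(refreshToken) -> Promise<{ accessToken, newRefreshToken, expiresAt }>
//   (assumed wrapper; expiresAt is added by the wrapper, in epoch milliseconds)
// save(tokens) -> Promise, persists the new pair (assumed callback)
function createTokenManager({ tokens, refresh, save, skewMs = 60_000, now = Date.now }) {
  let current = { ...tokens }; // { accessToken, refreshToken, expiresAt }
  let inFlight = null;         // the single pending refresh, if any

  // True when the access token has expired or expires within skewMs.
  function needsRefresh() {
    return now() >= current.expiresAt - skewMs;
  }

  // Returns a Promise for a usable access token.
  function getAccessToken() {
    if (!needsRefresh()) return Promise.resolve(current.accessToken);
    if (inFlight) return inFlight; // join the refresh that is already running
    inFlight = Promise.resolve(refresh(current.refreshToken))
      .then(async ({ accessToken, newRefreshToken, expiresAt }) => {
        current = { accessToken, refreshToken: newRefreshToken, expiresAt };
        await save(current); // persist the pair before handing the token out
        return accessToken;
      })
      .finally(() => { inFlight = null; });
    return inFlight;
  }

  return { getAccessToken, needsRefresh };
}

// Constructed stand-ins so the example runs offline.
let refreshCalls = 0;
const demo = createTokenManager({
  tokens: { accessToken: "old", refreshToken: "r0", expiresAt: 1_000 },
  refresh: async (rt) => {
    refreshCalls += 1;
    return { accessToken: "new", newRefreshToken: rt + "-next", expiresAt: 10_000_000 };
  },
  save: async () => {},
  now: () => 5_000,
});
const first = demo.getAccessToken();
const second = demo.getAccessToken(); // joins the same refresh
first.then((token) => console.log(token, refreshCalls, first === second)); // new 1 true
```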
For a complete, working example, refer to the login example. You can get your keys on Salla Partners > My Applications.
Getting All Orders from the store
app.get("/orders", ensureAuthenticated, async function (req, res) {
  res.render("orders.html", {
    orders: await SallaAPI.getAllOrders(),
  });
});
Fetching resources from a dynamic URL
app.get("/customers", ensureAuthenticated, async function (req, res) {
  res.render("orders.html", {
    customers: await SallaAPI.fetchResource({
      url: "https://api.salla.dev/admin/v2/customers",
    }),
  });
});
$ npm install --dev
$ npm test
Contributions are what make the open-source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.
If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again!
git checkout -b feature/AmazingFeature
git commit -m 'Add some AmazingFeature'
git push origin feature/AmazingFeature
If you discover any security-related issues, please email security@salla.sa instead of using the issue tracker.
The MIT License (MIT). Please see License File for more information.
FAQs
Salla authentication strategy for Passport.
We found that @salla.sa/passport-strategy demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 21 open source maintainers collaborating on the project.