passport-tdameritrade
Advanced tools
Passport strategy for authentication with TD Ameritrade (http://tdameritrade.com/)
Passport strategy for authentication with TD Ameritrade through the OAuth 2.0 API.
Before using this strategy, it is strongly recommended that you read through the official docs page here.
npm install passport-tdameritrade --save
var TDAmeritradeStrategy = require('passport-tdameritrade').Strategy;
passport.use(new TDAmeritradeStrategy({
clientID: 'id',
callbackURL: 'callbackURL'
},
function(accessToken, refreshToken, profile, cb) {
User.findOrCreate({ tdameritradeId: profile.id }, function(err, user) {
return cb(err, user);
});
}));
Use passport.authenticate(), and specify the 'tdameritrade' strategy to authenticate requests.
For example, as a route middleware in an Express app:
app.get('/auth/tdameritrade', passport.authenticate('tdameritrade'));
app.get('/auth/tdameritrade/callback', passport.authenticate('tdameritrade', {
failureRedirect: '/'
}), function(req, res) {
res.redirect('/secretstuff') // Successful auth
});
Some OAuth2 providers require access_type set to offline to return a refresh token. You can do this by adding accessType: 'offline' into the /callback options.
app.get('/auth/tdameritrade/callback', passport.authenticate('tdameritrade', {
failureRedirect: '/',
accessType: 'offline' // add it here
}), function(req, res) {
res.redirect('/secretstuff')
});
In some use cases where the profile may be fetched more than once or you want to keep the user authenticated, refresh tokens may wish to be used. A package such as passport-oauth2-refresh can assist in doing this.
Example:
npm install passport-oauth2-refresh --save
var TDAmeritradeStrategy = require('passport-tdameritrade').Strategy
, refresh = require('passport-oauth2-refresh');
var tdameritradeStrat = new TDAmeritradeStrategy({
clientID: 'id',
callbackURL: 'callbackURL'
},
function(accessToken, refreshToken, profile, cb) {
profile.refreshToken = refreshToken; // store this for later refreshes
User.findOrCreate({ tdameritradeId: profile.id }, function(err, user) {
if (err)
return done(err);
return cb(err, user);
});
});
passport.use(tdameritradeStrat);
refresh.use(tdameritradeStrat);
... then if we require refreshing when fetching an update or something ...
refresh.requestNewAccessToken('tdameritrade', profile.refreshToken, function(err, accessToken, refreshToken) {
if (err)
throw; // boys, we have an error here.
profile.accessToken = accessToken; // store this new one for our new requests!
});
An Express server example can be found in the /example directory. Be sure to npm install in that directory to get the dependencies.
Licensed under the ISC license. The full license text can be found in the root of the project repository.
FAQs
Passport strategy for authentication with TD Ameritrade (http://tdameritrade.com/)
We found that passport-tdameritrade demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The Linux Foundation is warning open source developers that compliance with global sanctions is mandatory, highlighting legal risks and restrictions on contributions.
Security News
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
Security News
CISOs are racing to adopt AI for cybersecurity, but hurdles in budgets and governance may leave some falling behind in the fight against cyber threats.