The currently supported OAuth strategies are:
- Google (via passport-google-oauth2)
- Facebook (via passport-facebook)
- GitHub (via passport-github)
- Microsoft (all MS entries, from XBox, Office365, Windows, Skype...) via a custom passport strategy
- uses MSAL
- Twitter via a custom strategy
- uses twittersignin
Microsoft and Twitter strategies are custom ones because no currently available passport strategies were able to perform a working auth or profile retrieving process.
- Create your strategy
- Call
yggdrasil.repositories.auth.addOAuthStrategy('strategyName', new strategyClass());
Passport is made to be used directly with Express, and the authorize method have to be called on each and every route.
As Yggdrasil uses its own auth system (based on JWT, based on express-jwt
and socketio-jwt), we need to use a custom way to call
the passport strategies.
To do so, there is an abstraction layer, performed by the OAuthStrategy class, that allow you to use officials passport strategies or custom ones without a headache.
To create your own OAuth strategy, have a look at the Google strategy.
The process is quite simple :
- import the OAuthStrategy class
- import the passport strategy you want to use
- create a class which extends the OAuthStrategy class
- put your strategy configuration into your custom config file (ig .yggdrasilrc)
Once this is done, you can call yggdrasil.repositories.auth.addOAuthStrategy('strategyName', new strategyClass());