Integrate ooth directly in your app server

In the last article we saw how one can use ooth as a standalone microservice (see the full example here). Your application client can then authenticate to ooth with any strategy, get a JWT in return, and use that to create a session with the actual application API (in the example, a GraphQL server).

If your app server is based on express, running ooth as a separate service might be overkill. Instead, you might want to include ooth as a library, and add it as an endpoint to your API server. This way, the application client can authenticate to ooth and directly start a session, no JWT needed.

This time we won’t go through the code. The example server can be found here, and the associated client (a create-react-app) can be found here. Some of the routes of the server are:

  • /graphql -> the actual graphql server
  • /graphiql -> the graphiql tool
  • /auth -> returns a JSON documenting the available ooth routes
  • /auth/status -> see whether the user is logged in
  • /auth/logout
  • /auth/guest/register -> create a “guest” user and start a session with no credentials (good for testing)

Follow the development of ooth

Ooth is an extensible user accounts system for node. It is a wrapper around passport (which is itself extensible with a huge number of strategies, such as username/password, OAuth, Facebook Connect, Google Connect and so on), that handles the interplay between strategies, and the proper storing of credentials and profile data derived from the authentication strategies used (usernames, emails). Ooth is still alpha software. Follow its development here on medium (by clicking follow below) and on twitter.

Update: I created a node.js (next.js) starter library that provides the GUI side of Ooth, called Staart. Check it out live here!