Express
This tutorial demonstrates how to add user login, logout, and profile to a Node.js Express application. We recommend that you log in to follow this quickstart with examples configured for your account.
I want to integrate with my app
15 minutesI want to explore a sample app
2 minutesGet a sample configured with your account settings or check it out on Github.
Configure Auth0
You will need to register your application with Auth0 in order to start authenticating users. Go to the Applications screen in the Auth0 dashboard, create a new Regular Web Application, and follow the steps below.
1. Configure Callback URL
A callback URL is an application route where Auth0 redirects users after they have authenticated. This URL must be registered with Auth0 or else users will be unable to log in to the application and will get a "Callback URL mismatch" error.
The callback URL for the application created in this quickstart is http://localhost:3000/callback
. Paste that in the Allowed Callback URLs field for the application you just created.
2. Configure Logout URL
A logout URL is an application route that Auth0 can return users to after logging out. This URL must be registered with Auth0 or else users will be unable to log out of the application and will get a "misconfiguration" error.
The logout URL for the application created in this quickstart is http://localhost:3000
. Paste that in the Allowed Logout URLs field for the application you just created, then scroll down and click Save Changes.
3. Get Your Application Keys
Finally, copy the following fields for your application for use in step 7:
- Domain
- Client ID
Integrate Auth0
4. Install Dependencies
Your application will need the express-openid-connect
package which is an Auth0-maintained OIDC-compliant library for Express.
npm install express express-openid-connect --save
Was this helpful?
5. Configure Router
The Express OpenID Connect library provides the auth
router in order to attach authentication routes to your application. You will need to configure the router with the following configuration keys:
authRequired
- Controls whether authentication is required for all routesauth0Logout
- Uses Auth0 logout featurebaseURL
- The URL where the application is servedsecret
- A long, random string used to encrypt the session cookieissuerBaseURL
- The Domain as a secure URL found in your Application settingsclientID
- The Client ID found in your Application settings
Here is an example configuration using this router:
const { auth } = require('express-openid-connect');
const config = {
authRequired: false,
auth0Logout: true,
baseURL: 'http://localhost:3000',
clientID: '{yourClientId}',
issuerBaseURL: 'https://{yourDomain}',
secret: 'LONG_RANDOM_STRING'
};
// auth router attaches /login, /logout, and /callback routes to the baseURL
app.use(auth(config));
// req.isAuthenticated is provided from the auth router
app.get('/', (req, res) => {
res.send(req.oidc.isAuthenticated() ? 'Logged in' : 'Logged out')
});
Was this helpful?
For additional configuration options visit the API documentation.
Login
A user can now log into your application by visiting the /login
route provided by the library. If you are running your project on localhost:3000
that link would be http://localhost:3000/login
.
Display User Profile
To display the user's profile, your application should provide a protected route.
Add the requiresAuth
middleware for routes that require authentication. Any route using this middleware will check for a valid user session and, if one does not exist, it will redirect the user to log in.
const { requiresAuth } = require('express-openid-connect');
app.get('/profile', requiresAuth(), (req, res) => {
res.send(JSON.stringify(req.oidc.user));
});
Was this helpful?
Logout
A user can log out of your application by visiting the /logout
route provided by the library. If you are running your project on localhost:3000
that link would be http://localhost:3000/logout
.
What's next?
We put together a few examples of how to use Express OpenID Connect in more advanced use cases: