# Social Authentication With Passport.js

This post uses the following dependencies: - chai v3.4.1 - express v3.3.4 - jade v0.34.1 - mocha v2.3.4 - mongodb v1.3.23 - mongoose v3.8.37 - passport v0.3.2 - passport-facebook v2.0.0 - passport-github2 v0.1.9 - passport-google-oauth2 v0.1.6 - passport-instagram v1.0.0 - passport-twitter v1.0.3 - should v7.1

## Setup

### Test locally

Navigate to http://127.0.0.1:1337/

## Register OAuth

Register your application (or in this case a dummy application) with all of the OAuth providers you want to use. Each OAuth provider handles authentication differently and has names for their authentication keys, so make sure to read the documentation before setting up an application.

In all cases use the following url for the callback URL - “http://127.0.0.1:1337/auth/[oauth_provider_name]/callback”. Also, be sure to take note of the generated authentication keys.

## Setup an Authentication File

Create a separate file in the root directory called oauth.js and add the following code:

Make sure to add this file to the .gitignore so when you push to Github, your keys are not included in the repo.

## Edit app.js

Update the rest of app.js with the following code (check the comments for a brief explanation):

Add a new file called account.jade to the “views” folder with the following code:

Fire up the server and test! You should be redirected to the /account page after authentication.

Add the remaining social providers, one by one, testing as you go, until your app.js file looks like this:

Don’t worry - we will be cleaning up the code in a bit, breaking up app.js into several files. For now, we just want to ensure that authentication works.

Test all providers again multiple times.

## Mongoose

Now let’s take it a step further and save the user in MongoDB via Mongoose.

Add the following code just before the config section in app.js:

Update the FacebookStrategy so that it saves the user if s/he doesn’t exist in the database:

Move the serialization/deserialization after the config section and update:

Update the /account route:

## Test Redux

Fire up the server and make sure Facebook authentication is still working. Once logged in, open a mongo shell and ensure there is a new user in the database. Log in and log out several times with Facebook. Check the mongo shell again. There should still only be one user.

## Current Codebase

Update the remaining strategies so that users are saved in the database:

It’s a mess. Let’s clean it up, breaking apart concerns, and add in the remaining mongoose code.

## Code Cleanup

Create a separate file for your Mongoose schema called users.js:

Make sure to add the file as a dependency in app.js: var User = require('./user.js'), and then remove the user model from app.js as well.

Now let’s move the social config to a separate file called authentication.js:

Make sure to Then remove the FacebookStrategy from app.js.

Test again!

## Mongoose Redux

Move the remaining auth configs to authentication.js and add in the mongoose code to save the user:

Your app.js file should now look like this:

Continue to break apart app.js - i.e., moving your routes to a new file. Once done, test everything out again. Drop the database in mongo shell to ensure that new users are still added.

## Unit Tests

#### Install Mocha:

Update the scripts in package.json

Add a Makefile to the root and include the following code:

Create a new folder called “test”, and then tun make test from the command line. If all is well, you should see - 0 passing (1ms).

Create a new file called test.user.js with the following code and save the file in “test”:

Run make test again. You should see that the test passed - 1 passing (47ms).

## Conclusion

Simple, right? Grab the final code here.