Chapter 5. Security

In this chapter we will authenticate users using a GitHub account and OAuth 2.0 tokens. This will allow us to secure the site and support multiple users; currently we have a single hardcoded token and user. We will also add HTTPS to our site and explore some other modules that we can use to protect against other common security vulnerabilities.

Setting up Passport

Passport is an authentication middleware for Node that supports, via plugins, multiple authentication strategies, including Basic Auth, OAuth, and OAuth 2. Passport works by defining a route middleware that is used to authenticate the request.

Let's install Passport:

npm install passport --save

Passport does not include a GitHub strategy; for this we need to install passport-github, a strategy for authenticating with GitHub using the OAuth 2.0 API:

npm install passport-github --save