7

Building OAuth Strategies with

passport.js

In the preceding chapter, we discussed the passport-JWT strategy. We discussed how to

leverage the JWT package to build a robust user on-boarding process. We covered how to

implement the signup and sign-in process for a user. In this chapter, we will dive into the
following parts:

passport.js Facebook Strategy

passport.js Twitter Strategy

passport.js Google Strategy

passport.js LinkedIn Strategy

All these parts individually consume a lot of time if we set out to do them from scratch.

passport.js provides a simpler way to integrate all these strategies in a very flexible way,

and also makes them easier to implement.

OAuth is an authentication protocol that lets users log in via different external services. For

example, logging in to an application via Facebook or Twitter does not require a user to

provide their username and password if the user is already logged in to Facebook or
Twitter. It saves the user from setting up a new account in an application, which makes the

login process smooth. This makes logging in to an app easier; otherwise, a user first needs
to register to our application and then log in using those credentials. Passport's OAuth

strategies allow users to log in to our application with a single click if the browser

remembers the account. Everything else is done automatically and is handled by the
strategy itself.