Note: This is the forked version to bump up the API to the up-to-date Zalo v4 (More info here) from longldktmm's project and this will be a LTS project from me.
I haven't npm'ed it yet, so you'll have to pull the whole lib and setup it yourself
mkdir passport-zalo
cd passport-zalo
git init
git pull https://github.com/gugugiyu/passport-zalo.gitWith the introduction of PKCE verification in the new OAuth API, the library will now make use of express-session to store the pkce pair generated per session, and crypto to generate the pkce verfier. So you'll to npm that as well
npm i express-session cryptoLike other strategies of PassportJs, the config are pretty much the same:
// Make sure you imported it
var ZaloStrategy = require("../path/to/lib/passport-zalo/index").Strategy;
passport.use(new ZaloStrategy(
{
appId: process.env.ZALO_CLIENT_ID,
appSecret: process.env.ZALO_CLIENT_SECRET,
callbackURL: 'YOUR_CALL_BACK_URL',
/* This is required to prevent csrf attacks, will be sent back with the auth code */
state: "test",
},
(accessToken, refreshToken, profile, session, cb) => {
/* Handle logics here */
cb(null, user);
}
)
);// Main authentication endpoint
app.get("/auth/zalo", passport.authenticate("zalo"));
// Callback
app.get("/auth/zalo/callback", passport.authenticate("zalo", {failureRedirect: `/login`,}),
(req, res) => {
/* Success, handle the logic here */
res.redirect('/home');
}
);The default profile includes the following:
- Id (platform-unique ID)
- Birthday
- Name
- Gender
- Picture
But you can overwrite it here
// Callback
app.get("/auth/zalo/callback", passport.authenticate("zalo",
{
failureRedirect: `/login`,
fields: ["extra", "custom", "fields"]
}),
(req, res) => {
/* Success, handle the logic here */
res.redirect('/home');
}
);Just file up a pull request, and (hopefully) I'll take a look at your ideas!