Introduction

Aponia.js is a flexible, unopinionated authentication middleware that seamlessly integrates into any full-stack or backend framework. It provides a declarative way to handle OAuth/OIDC-based authentication flows and modular utilities for handling related events like session and refresh information.

Features

Declarative Routing

Define all OAuth/OIDC providers in a declarative manner. The auth framework will delegate the handling process to providers as needed.

src/auth.ts
import { Auth } from '@aponia.js/core'
import { OAuthProvider } from '@aponia.js/auth.js/plugins/providers/oauth'
 
const provider = new OAuthProvider({ id: 'my-oauth-provider' })
 
const auth = new Auth({
  plugins: [provider]
})
 
// Default export so that src/app.ts can `import auth from './auth'`.
export default auth
 
console.log(`Login route handled by ${provider.id}: `, provider.pages.login)
console.log(`Callback route handled by ${provider.id}: `, provider.pages.callback)
 
// Example of handling a login request directly.
 
const request: Aponia.Request = {
  url: new URL('http://localhost:3000/auth/login/provider'),
  method: 'GET',
  cookies: {},
  headers: {},
}
 
auth.handle(request).then(response => {
  console.log('response: ', response)
})

Easy Framework Integration

Express.js

src/app.ts
import { middleware } from '@aponia.js/express'
import express from 'express'
 
import auth from './auth'
 
const app = express()
 
app.use(middleware(auth))
 
app.listen(3000, () => console.log('Listening on port 3000'))

Headless

All classes have methods that can be invoked directly to handle the authentication process manually.

src/auth/google.ts
import { OIDCProvider } from '@aponia.js/core/plugins/providers/oidc'
 
export const google = new OIDCProvider({
  id: 'google',
  clientId: process.env['GOOGLE_ID'],
  clientSecret: process.env['GOOGLE_SECRET'],
  issuer: 'https://accounts.google.com',
  endpoints: {
    authorization: {
      params: {
        client_id: process.env['GOOGLE_ID'],
        response_type: 'code',
        scope: 'openid profile email',
      },
    },
  },
})
 
google.login().then((response) => {
  // The authorization URL that will initialize the OAuth process.
  const authorizationUrl = response.redirect
 
  // Any cookies to set, if needed. e.g. PKCE.
  const cookies = response.cookies
 
  // HTTP status, e.g. 302 for redirects.
  const status = response.status
})
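
One way to apply the values returned by a headless call such as google.login() to a raw HTTP response, shown as an added example that is not Aponia.js code. The response and cookie shapes, toHttpReply, serializeCookie and allowedAuthHosts are assumptions for illustration, not the library's API.

```typescript
// Assumed response shape, modelled on the three fields read from google.login()
// above (redirect, cookies, status). The cookie fields are hypothetical.
interface HeadlessCookie { name: string; value: string; maxAge?: number }
interface HeadlessResponse { redirect?: string; cookies?: HeadlessCookie[]; status?: number }
interface HttpReply { status: number; headers: [string, string][] }

// Cookie names must be RFC 6265 tokens; reject anything else to avoid header injection.
const COOKIE_NAME = /^[A-Za-z0-9!#$%&'*+.^_`|~-]+$/

function serializeCookie(cookie: HeadlessCookie, secure: boolean): string {
  if (!COOKIE_NAME.test(cookie.name)) throw new Error('invalid cookie name')
  // HttpOnly keeps the PKCE verifier away from page scripts. SameSite=Lax (not
  // Strict) is used because the provider's redirect back is a cross-site navigation.
  const parts = [`${cookie.name}=${encodeURIComponent(cookie.value)}`, 'Path=/', 'HttpOnly', 'SameSite=Lax']
  if (cookie.maxAge !== undefined) parts.push(`Max-Age=${Math.floor(cookie.maxAge)}`)
  if (secure) parts.push('Secure')
  return parts.join('; ')
}

// Turns a headless response into a status code and header list for any HTTP server.
// allowedAuthHosts is a hypothetical allowlist of identity-provider hosts.
function toHttpReply(res: HeadlessResponse, allowedAuthHosts: string[], secure = true): HttpReply {
  const headers: [string, string][] = []
  for (const cookie of res.cookies ?? []) {
    headers.push(['Set-Cookie', serializeCookie(cookie, secure)])
  }
  if (res.redirect === undefined) return { status: res.status ?? 200, headers }
  // Only send the browser to an HTTPS authorization endpoint on an expected host.
  const target = new URL(res.redirect)
  if (target.protocol !== 'https:' || !allowedAuthHosts.includes(target.host)) {
    throw new Error(`refusing redirect to ${target.origin}`)
  }
  headers.push(['Location', target.toString()])
  return { status: res.status ?? 302, headers }
}

// Constructed sample input, not real library output.
const sampleLogin: HeadlessResponse = {
  status: 302,
  redirect: 'https://accounts.google.com/o/oauth2/v2/auth?response_type=code&scope=openid',
  cookies: [{ name: 'pkce', value: 'constructed verifier/+=', maxAge: 600 }],
}

console.log(toHttpReply(sampleLogin, ['accounts.google.com']))
```

Pass secure = false only for plain-HTTP local development such as http://localhost:3000; browsers otherwise drop Secure cookies on non-HTTPS origins.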