Passport-Mercadolibre
Passport strategy for authenticating with MercadoLibre using the OAuth 2.0 API.
Learn more about MercadoLibre OAuth schema here.
Installation
$ npm install passport-mercadolibre
Configuration
The Mercadolibre authentication strategy authenticates users using a Mercadolibre
account and OAuth 2.0 tokens. The strategy requires a verify
callback, which
accepts these credentials and calls done
providing a user, as well as
options
specifying a client ID, client secret, and callback URL.
You can obtain the client ID and secret by creating a MercadoLibre app here.
var MercadoLibreStrategy = require('passport-mercadolibre').Strategy;
passport.use(new MercadoLibreStrategy({
clientID: 'YOUR_CLIENT_ID',
clientSecret: 'YOUR_CLIENT_SECRET',
callbackURL: 'http://www.example.com/auth/mercadolibre/callback',
},
function (accessToken, refreshToken, profile, done) {
// + store/retrieve user from database, together with access token and refresh token
return done(null, profile);
}
));
passport.serializeUser(function (user, done) {
done(null, user);
});
passport.deserializeUser(function (user, done) {
done(null, user);
});
Usage
Use passport.authorize()
, specifying the 'mercadolibre'
strategy, to
authenticate requests.
For example, as route middleware in an Express application:
app.get('/auth/mercadolibre',
passport.authorize('mercadolibre'));
app.get('/auth/mercadolibre/callback',
passport.authorize('mercadolibre', { failureRedirect: '/login' }),
function(req, res) {
// Successful authentication, redirect home.
res.redirect('/');
});
app.get('/', ensureAuthenticated,
function(req, res) {
res.send("Logged in user: " + req.user.nickname);
}
);
function ensureAuthenticated(req, res, next) {
if (req.isAuthenticated()) {
return next();
};
res.redirect('/auth/mercadolibre');
};
The properties available in the user
object are:
- provider --> mercadolibre
- nickname
- first_name
- last_name
- accessToken
But you can get more information (a lot more!) accessing the raw user profile as provided by MercadoLibre:
- _raw --> raw server response
- _json --> JSON object with server response
Note: Please notice that the module internally sets up the HTTPS module for using SSL v3 as shown below:
https.globalAgent.options.secureProtocol = 'SSLv3_method';
License
Thanks
Thanks to https://github.com/mjpearson/passport-wordpress for the README and file structure.