GitHunt
LU

luciyer/sfdc-lowtide-auth

Authentication & session storage layer on top of jsforce

authjsforcesalesforce

lowtide-auth

A starting point for developing external tooling, this package will allow you to create server-side sessions and store Salesforce authentication on those sessions.

Setup

First, clone and navigate to the project directory.

$ npm install

You'll need to set some environment variables:

$ touch .env

Add the following, substituting your own values

CLIENT_ID=salesforce_connected_app_client_id
CLIENT_SECRET=salesforce_connected_app_client_secret
SESSION_SECRET=somesecret
HOSTNAME=http://localhost:8080

CLIENT_ID and CLIENT_SECRET are used by the Oauth2 flow. To retrieve these values, create a connected app in Salesforce.

HOSTNAME needs to match the hostname of the callback URL you set in your connected app.

Note: Any unauthenticated requests to /api/* will return a message that user is not authenticated.

Authentication Strategies

Username & Password

POST @ /api/auth/login

{
  "username": "user@some.org",
  "password": "password123"
}

Session ID & Server URL (from inside Salesforce Org)

POST @ /api/auth/sfdc

{
  "sessionId": "my_session_id_goes_here",
  "instanceUrl": "https://my.salesforce.instance.com"
}

Via Oauth2 (Browser)

GET @ /api/auth/oauth -> directs to Salesforce Oauth2 login flow.

View Session Information

Warning: Response contains access token - consider removing in production.

GET @ /api/auth/session

Logout & Destroy Session

GET @ /api/auth/revoke

Languages

JavaScript100.0%

Contributors

LU
Created June 17, 2020
Updated November 17, 2020