Route Handlers

Pre-built handlers for OAuth authentication flow in Express.js applications.

Overview

AuthSafe provides ready-to-use route handlers for all OAuth 2.1 flows: handleSignIn() to initiate sign in, handleCallback() to process the OAuth callback, handleLogout() to sign out, and handleRefresh() to refresh access tokens.

Basic Usage

import { handleSignIn, handleCallback, handleLogout } from 'authsafe-express';

app.get('/auth/signin', (req, res) => {
  handleSignIn(req, res, config);
});

app.get('/auth/callback', (req, res) => {
  handleCallback(req, res, config);
});

app.get('/auth/logout', (req, res) => {
  handleLogout(req, res, config);
});

Best Practices

handleSignIn() generates PKCE code challenge, nonce, and state parameter
handleCallback() requires clientSecret for token exchange
Use returnTo query parameter to specify redirect destination after sign in

Route Handlers

Pre-built handlers for OAuth authentication flow in Express.js applications.

Overview

Basic Usage

import { handleSignIn, handleCallback, handleLogout } from 'authsafe-express';

app.get('/auth/signin', (req, res) => {
  handleSignIn(req, res, config);
});

app.get('/auth/callback', (req, res) => {
  handleCallback(req, res, config);
});

app.get('/auth/logout', (req, res) => {
  handleLogout(req, res, config);
});

Best Practices

handleSignIn() generates PKCE code challenge, nonce, and state parameter
handleCallback() requires clientSecret for token exchange
Use returnTo query parameter to specify redirect destination after sign in