Authentication Adapters
Mifty provides comprehensive authentication adapters for popular OAuth providers and OTP-based authentication methods. These adapters handle the complete authentication flow, token management, and user profile integration.
OAuth Authentication Adapters
GitHub OAuth
GitHub OAuth
Integrate GitHub OAuth authentication with automatic user profile synchronization
Installation
npm run auth:install auth-githubEnvironment Variables
GITHUB_CLIENT_IDRequiredGitHub OAuth application client ID from GitHub Developer Settings
Iv1.a629723000000000GITHUB_CLIENT_SECRETRequiredGitHub OAuth application client secret from GitHub Developer Settings
ghp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxGITHUB_CALLBACK_URLRequiredOAuth callback URL configured in your GitHub application
http://localhost:3000/auth/github/callbackComplete .env example:
GITHUB_CLIENT_ID=Iv1.a629723000000000
GITHUB_CLIENT_SECRET=ghp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
GITHUB_CALLBACK_URL=http://localhost:3000/auth/github/callbackGoogle OAuth
Google OAuth
Integrate Google OAuth authentication with Google profile and email access
Installation
npm run auth:install auth-googleEnvironment Variables
GOOGLE_CLIENT_IDRequiredGoogle OAuth client ID from Google Cloud Console
123456789012-abcdefghijklmnopqrstuvwxyz123456.apps.googleusercontent.comGOOGLE_CLIENT_SECRETRequiredGoogle OAuth client secret from Google Cloud Console
GOCSPX-xxxxxxxxxxxxxxxxxxxxxxxxGOOGLE_CALLBACK_URLRequiredOAuth callback URL configured in Google Cloud Console
http://localhost:3000/auth/google/callbackComplete .env example:
GOOGLE_CLIENT_ID=123456789012-abcdefghijklmnopqrstuvwxyz123456.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=GOCSPX-xxxxxxxxxxxxxxxxxxxxxxxx
GOOGLE_CALLBACK_URL=http://localhost:3000/auth/google/callbackLinkedIn OAuth
LinkedIn OAuth
Integrate LinkedIn OAuth authentication for professional networking features
Installation
npm run auth:install auth-linkedinEnvironment Variables
LINKEDIN_CLIENT_IDRequiredLinkedIn OAuth application client ID from LinkedIn Developer Portal
78xxxxxxxxxxxxxxxxLINKEDIN_CLIENT_SECRETRequiredLinkedIn OAuth application client secret from LinkedIn Developer Portal
xxxxxxxxxxxxxxxxLINKEDIN_CALLBACK_URLRequiredOAuth callback URL configured in LinkedIn application settings
http://localhost:3000/auth/linkedin/callbackComplete .env example:
LINKEDIN_CLIENT_ID=78xxxxxxxxxxxxxxxx
LINKEDIN_CLIENT_SECRET=xxxxxxxxxxxxxxxx
LINKEDIN_CALLBACK_URL=http://localhost:3000/auth/linkedin/callbackFacebook OAuth
Facebook OAuth
Integrate Facebook OAuth authentication with Facebook profile access
Installation
npm run auth:install auth-facebookEnvironment Variables
FACEBOOK_APP_IDRequiredFacebook application ID from Facebook Developers Console
1234567890123456FACEBOOK_APP_SECRETRequiredFacebook application secret from Facebook Developers Console
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxFACEBOOK_CALLBACK_URLRequiredOAuth callback URL configured in Facebook application settings
http://localhost:3000/auth/facebook/callbackComplete .env example:
FACEBOOK_APP_ID=1234567890123456
FACEBOOK_APP_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
FACEBOOK_CALLBACK_URL=http://localhost:3000/auth/facebook/callbackOTP Authentication Adapters
Email OTP Authentication
Email OTP Authentication
Implement secure email-based OTP authentication with customizable templates
Installation
npm run auth:install auth-email-otpEnvironment Variables
OTP_EMAIL_PROVIDERRequiredEmail service provider for sending OTP codes
gmail(Default: smtp)OTP_CODE_LENGTHLength of the generated OTP code
6(Default: 6)OTP_EXPIRY_MINUTESOTP code expiration time in minutes
10(Default: 5)OTP_MAX_ATTEMPTSMaximum number of OTP verification attempts
3(Default: 3)Complete .env example:
OTP_EMAIL_PROVIDER=gmail
OTP_CODE_LENGTH=6
OTP_EXPIRY_MINUTES=10
OTP_MAX_ATTEMPTS=3Mobile OTP Authentication
Mobile OTP Authentication
Implement SMS-based OTP authentication using Twilio or other SMS providers
Installation
npm run auth:install auth-mobile-otpEnvironment Variables
SMS_PROVIDERRequiredSMS service provider for sending OTP codes
twilioTWILIO_ACCOUNT_SIDRequiredTwilio Account SID from Twilio Console
ACxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxTWILIO_AUTH_TOKENRequiredTwilio Auth Token from Twilio Console
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxTWILIO_PHONE_NUMBERRequiredTwilio phone number for sending SMS
+1234567890OTP_SMS_LENGTHLength of the SMS OTP code
4(Default: 4)Complete .env example:
SMS_PROVIDER=twilio
TWILIO_ACCOUNT_SID=ACxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
TWILIO_AUTH_TOKEN=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
TWILIO_PHONE_NUMBER=+1234567890
OTP_SMS_LENGTH=4General Authentication Commands
Here are the general commands for managing authentication adapters:
# List all available authentication adapters
npm run auth:list
# Install any authentication adapter
npm run auth:install <adapter-name>
# Install with custom model and table configuration
npm run auth:install <adapter-name> --model CustomUser --table custom_users
# List installed authentication adapters
npm run adapter installed
# Uninstall an authentication adapter
npm run adapter uninstall <adapter-name>
Next Steps
After setting up authentication adapters, you might want to:
- Configure email services for sending authentication emails
- Set up storage solutions for user profile images
- Implement payment processing for premium features
- Add AI services for enhanced user experiences
Security Best Practices
- Environment Variables: Always store sensitive credentials in environment variables, never in code
- HTTPS: Use HTTPS in production for all OAuth callbacks
- Token Storage: Implement secure token storage and refresh mechanisms
- Rate Limiting: Implement rate limiting for OTP requests to prevent abuse
- Validation: Always validate and sanitize user input, especially phone numbers and email addresses
- Monitoring: Monitor authentication attempts and implement alerting for suspicious activity