This article is part of the article series "Node.JS Modules You Should Know About."
<- previous article next article ->
node logo

Hello everyone! This is the 14th post in the node.js modules you should know about article series.

The first post was about dnode - the freestyle rpc library for node, the second was about optimist - the lightweight options parser for node, the third was about lazy - lazy lists for node, the fourth was about request - the swiss army knife of HTTP streaming, the fifth was about hashish - hash combinators library, the sixth was about read - easy reading from stdin, the seventh was about ntwitter - twitter api for node, the eighth was about that makes websockets and realtime possible in all browsers, the ninth was about redis - the best redis client API library for node, the tenth was on express - an insanely small and fast web framework for node, the eleventh was semver - a node module that takes care of versioning, the twelfth was cradle - a high-level, caching, CouchDB client for node, the thirteenth was jsonstream - streaming JSON parsing library.

Today I'm gonna introduce you to everyauth by Brian Noguchi. Everyauth is a connect middleware that allows you to setup authentication for your app via facebook, twitter, google, vimeo, tumblr, 4square, etc.

Here is a list of all the sites you can use to login into your app:

Everyauth supports a plenty of sites.

Everyauth supports OpenID, Google, Twitter, LinkedIn, Yahoo, Readability, Dropbox,, Vimeo, Tumblr, Facebook, Github, Instagram, Foursquare, Gowalla, 37signals, AngelList, Dwolla,

Using it is as simple as setting up a middleware for connect:

var everyauth = require('everyauth');
var connect = require('connect');

var app = connect(everyauth.middleware());

And setting up config.json that contains secret keys from the sites you are going to be using for authentication:

module.exports = {
    fb: {
        appId: '111565172259433'
      , appSecret: '85f7e0a0cc804886180b887c1f04a3c1'
    twit: {
        consumerKey: 'JLCGyLzuOK1BjnKPKGyQ'
      , consumerSecret: 'GNqKfPqtzOcsCtFbGTMqinoATHvBcy1nzCTimeA9M0'
    github: {
        appId: '11932f2b6d05d2a5fa18'
      , appSecret: '2603d1bc663b74d6732500c1e9ad05b0f4013593'
    // ...

Then you setup routes for logging in for each particular site you want to support (in this example facebook) and you're done:

var conf = require('./config.json');

var usersByFbId = {};

    .findOrCreateUser(function (session, accessToken, accessTokenExtra, fbUserMetadata) {
      return usersByFbId[] ||
        (usersByFbId[] = addUser('facebook', fbUserMetadata));

You can install everyauth through npm as always:

npm install everyauth

EveryAuth on GitHub:

Sponsor this blog series!

Doing a node.js company and want your ad to appear in the series? The ad will go out to 14,000 rss subscribers, 7,000 email subscribers, and it will get viewed by thousands of my blog visitors! Email me and we'll set it up!


If you love these articles, subscribe to my blog for more, follow me on Twitter to find about my adventures, and watch me produce code on GitHub!

This article is part of the article series "Node.JS Modules You Should Know About."
<- previous article next article ->


pete Permalink
January 03, 2012, 18:39

You could compare everyauth with

January 03, 2012, 18:47

I didn't know about passportjs. I'll update the article and mention it.

frank Permalink
January 03, 2012, 21:52

How do you make a request to the service provider after authentication? Or is there a different module for that?

Kevin Permalink
January 17, 2012, 22:06

I'd love to see the module "N" get some coverage. Ridiculously easy Node installs of any version.

January 18, 2012, 23:00

Hi Peter,

I've got everyauth working with openauth for a couple of providers, but I think I really should be using openID.

Do you know of a way to hard code the openid url for specific providers? It seems like it just wants to grab it from a post variable :(

Thanks, Love the series,

naidunya Permalink
September 25, 2012, 17:18

It seems like it just wants to grab it from a post variable :(
Thanks for posting.

royk Permalink
September 25, 2012, 18:47

"It seems like it just wants to grab it from a post variable" :( +1

Very useful series, thank you :)

asdf Permalink
March 12, 2013, 18:12

Thank's for the link to passportjs :)

Leave a new comment

(why do I need your e-mail?)

(Your twitter handle, if you have one.)

Type the word "floppy_301": (just to make sure you're a human)

Please preview the comment before submitting to make sure it's OK.