Feathers 'Twitter API' style

[khwerhahn]

Hi,

I would like to offer a public api in the style twitter does .

{
    "consumerKey": "xxxx",
    "consumerSecret": "xxx",
    "accessToken": "xxx",
    "accessTokenSecret": "xxx"
}

Is there a "out of the box" way to do it with feathers and passport? I'm not too good on the security part and don't want to leave any unnecessary holes.

Thanks for the help!

[ekryski]

@khwerhahn nope. Nothing "out of the box". If you are looking to setup your Feathers app as your own OAuth provider you can use the https://github.com/jaredhanson/oauth2orize since Feathers really is just Express.

With all that said you likely might not need to do that because you can simply allow someone to log in with a clientId and clientSecret (set those values as the usernameField and passwordField for your local strategy) and you can return a JWT access token as an API key. Hope that helps!

Going to close this as we don't have an official need to provide OAuth right now but feel free to leave a note and we might revisit. Thanks for the question! 😄