Documentation
Express

Express SDK

Follow the Express Quickstart directions to add Hellō to your application in minutes.

Setup

Following are the steps required to setup this package:

1. Package Installation

npm i @hellocoop/express

Hellō Quickstart will perform steps 2 - 4 for you

npx @hellocoop/quickstart@latest --nextjs

2. HELLO_COOKIE_SECRET

The environment variable HELLO_COOKIE_SECRET must be set to 64 char (32 byte) random hex string is required to encrypt cookies used by this package. This can be in .env for local development.

You can generate new values with:

node -e "console.log(crypto.randomBytes(32).toString('hex'))"

Remember to set a unique HELLO_COOKIE_SECRET in each of your deployed environments.

See Environment Vars for additional values that can be set.

The .env file should not be checked into your repository, and should be in your .gitignore file.

3. client_id

If your did not use Hellō Quickstart, you will need to create an application at the Hellō Developer Console (opens in a new tab) and get a client_id.

4. hello.config.js

The convention is to create a hello.config.js file in the root of your project for configuration. This file is imported into the hellocoop.js file and passed to the pageAuth() function for configuration. Below is a basic configuration file. See hello.config.js for additional configuration.

const config = {
    client_id: 'your-client_id-here'
}
module.exports = config

This file should be checked into your repository.

See hello.config.js for additional configuration.

5. API Route

In your main server file add the following code:

helloAuth() will add the /api/hellocoop endpoint which will process the Hellō authorization response, and the Web Client login, logout, and auth operations.

Your server should now be fully configured to work with Hellõ.


API

helloAuth()

Configures the SDK and adds the /api/hellocoop route. See 5. Api Route for usage.

req.getAuth()

Decrypts the hellocoop_auth cookie, sets auth to the value, and returns the result. If no cookie, sets auth to:

isLoggedIn: false

req.auth

Returns the auth object if req.getAuth() has been called, or setAuth Middleware has been processed. Here is an example with the default scopes:

isLoggedIn: true,
sub: 'sub_vvCgtpv35lDgQpHtxmpvmnxK_2nZ',
iat: '1699234659',
name: 'Dick Hardt',
picture: 'https://pictures.hello.coop/r/7a160eed-46bf-48e2-a909-161745535895.png',
email: 'dick.hardt@hello.coop'

res.logout()

Clears the hellocoop_auth cookie.

Middleware

import { redirect, unauthorized, setAuth } from '@hellocoop/express/middleware'

redirect()

Will redirect to the passed path if isLoggedIn=false.

Example:

app.get('/dashboard', redirect('/'), dashboard)`

unauthorized

Will return a 401 status code if isLoggedIn=false

Example:

app.use('/api', unauthorized )

Would return a 401 for any unauthenticated call to /api/*.

setAuth

Middleware that reads and decrypts the hellocoop_auth cookie and sets req.auth.

Example:

app.use('/profiles', setAuth )

Would set req.auth for all profile pages.