Omar Mir Omar Mir - 5 months ago 16
Javascript Question

Social login on registration page for Stormpath

I really hope this is my last question on the Stormpath API for a while. Making the switch from C# and PHP to node has been somewhat challenging.

I am trying to implement social login on the registration page. The pre-built option places it on the Login page only.

Rendering the page and adding elements to the Jade view is simple enough, but I need to get an oauthStateToken. Now I looked at how the login.js code does this:

var oauth = require('../oauth');
var oauthStateToken = oauth.common.resolveStateToken(req, res);
var formActionUri = (config.web.login.uri + (nextUri ? ('?next=' + nextUri) : ''));

var hasSocialProviders = _.some(, function (socialProvider) {
return socialProvider.enabled;

extend(options, {
form: form,
formActionUri: formActionUri,
oauthStateToken: oauthStateToken,
hasSocialProviders: hasSocialProviders

So essentially it calls the oath files and goes through the code, theoretically, I could do something similar on register.js - essentially (just sample code):

var oauth = require('../oauth');
var _ = require('lodash');
var hasSocialProviders = _.some(, function (socialProvider) {
return socialProvider.enabled;
var oauthStateToken = '';
if (hasSocialProviders) {
oauthStateToken = oauth.common.resolveStateToken(req, res);

helpers.render(req, res, view, {
form: helpers.sanitizeFormData(req.body),
formModel: viewModel.form
oauthStateToken : oauthStateToken,
hasSocialProviders: hasSocialProviders

But of course I wouldn't want to meddle with the core files, and was thinking about creating a middleware function, something like
app.use('/register', callFunction, router);
but I am having some difficulty in conceptualizing how that would work. I seem to understand how stormpath lets me generate an oauth token which I store as a cookie using JWT but I'm having a hard time putting it together into working code without replicating a lot of code already existent in the library.

I can even kinda of get it working by using the REST API but I would like to use it within the express-stormpath library. So some explanation in the context of express-stormpath library would also be enlightening. OR am I overthinking this, should I just fork the library, make the changes to register.js and try for a push upstream?

Thanks again folks,


thanks for the question!

I’ve found a way to work around this in your application, without modifying the express-stormpath library. You’ll need to add a route handler for your registration route, and in that route handler you’ll have to manually do the work to get the oAuthStateToken setup, then call next() to let express-stormpath continue handling the request for the registration page. Here’s what that looks like:

var cookieParser = require('cookie-parser');
var oauth = require('express-stormpath/lib/oauth');

// create your express server, 'app'

app.use('/register', cookieParser(), function (req, res, next) {
  var oauthStateToken = oauth.common.resolveStateToken(req, res);'stormpathConfig').templateContext = {
    oauthStateToken: oauthStateToken

app.use(stormpath.init(app, {
  // .. other config options
  web: {
    register: {
      view: 'views/register.jade'  // path to your custom registration file

I hope this helps! This certainly could be easier, this is a good feature request for the library.