handleSignIn()
The handleSignIn() function returns an Express route handler for the sign-in path.
Signature
handleSignIn(): express.RequestHandler
Import
const {handleSignIn} = require('@thunderid/express');
Prerequisites
- Mount
thunderID()before this handler - Register this handler on the route that matches your
afterSignInUrl
Usage
index.js
const express = require('express');
const cookieParser = require('cookie-parser');
const {thunderID, handleSignIn} = require('@thunderid/express');
const app = express();
app.use(cookieParser());
app.use(
thunderID({
baseUrl: 'https://localhost:8090',
clientId: '<your-client-id>',
clientSecret: '<your-client-secret>',
afterSignInUrl: 'http://localhost:3000/login',
}),
);
app.get('/login', handleSignIn());
Runtime Behavior
handleSignIn() supports two stages on the same route:
- If the request does not include a
codequery parameter, the handler starts the OAuth 2.0 redirect flow. - If the request includes a
codequery parameter, the handler exchanges the authorization code for tokens, writes the session cookie, and completes sign-in.
Default Callbacks
The handler uses the initialized Express config callbacks if they are provided.
| Callback | Default behavior |
|---|---|
onSignIn | Calls res.end() |
onError | Logs the error message and returns 500 with an empty response body |
Failure Behavior
- If
thunderID()has not been mounted first, the handler logs an error and returns500 - If sign-in fails, the handler calls
onError - If the original request URL already contains an error parameter, the underlying client rejects the request
Notes
- The session cookie is set during the authorization redirect and callback flow
- The underlying Express client uses the configured
sessionCookiesettings when writing the cookie
