This project demonstrates a simple Single Sign-On (SSO) system built with Node.js. It consists of a central SSO Provider and two Client Applications that rely on the provider for user authentication.
- SSO Provider (`server.ts`)
  - Port: 5000
  - Central authority for authentication
  - Manages user credentials and issues JWTs
  - Supports local and Google OAuth login
- Client App 1 (`client1.ts`)
  - Port: 3001
  - Uses the SSO provider for login and session handling
- Client App 2 (`client2.ts`)
  - Port: 3002
  - Another app relying on the same SSO provider
- User opens `http://localhost:3001/login`.
- Client App 1 detects no local session and redirects to the SSO Provider.
  - Adds `app_id`, `redirect_uri`, and `state` in the query.
- SSO Provider presents login options (form-based or Google OAuth).
- Upon successful login, SSO Provider:
  - Creates a central session
  - Stores it in memory (`ssoSessions`)
  - Sets a cookie `sso_session` scoped to `localhost:5000`
- SSO Provider issues a JWT (signed using `app1-secret`) and redirects to:
- Client App 1 validates token via `/sso/validate`, creates its local session, and redirects to `/dashboard`.
- User opens `http://localhost:3002/login`.
- Client App 2 redirects to the SSO Provider with similar params.
- SSO Provider detects the existing `sso_session` cookie.
- Skips login, immediately issues a JWT (signed using `app2-secret`), and redirects to: `http://localhost:3002/auth/callback?token=`
- Client App 2 validates token, creates a local session, and logs user in without showing any login page.
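
The per-app signing and validation steps in the two flows above, as an added sketch that is not the project's own code: it shows why a JWT issued for one app must fail validation for the other, and why `redirect_uri` is matched exactly before a token is issued. The `APPS` registry, the function names, the App 1 callback path, the `aud` claim and the 60-second lifetime are assumptions; only the secret names and ports come from the README.

```typescript
import { createHmac, timingSafeEqual } from "node:crypto";

type Claims = { sub: string; aud: string; exp: number };

// Assumed provider-side registry: secret names from the README, callback URLs assumed.
const APPS = new Map<string, { secret: string; redirectUri: string }>([
  ["app1", { secret: "app1-secret", redirectUri: "http://localhost:3001/auth/callback" }],
  ["app2", { secret: "app2-secret", redirectUri: "http://localhost:3002/auth/callback" }],
]);

const b64url = (v: object): string => Buffer.from(JSON.stringify(v)).toString("base64url");
const hmac = (data: string, secret: string): Buffer =>
  createHmac("sha256", secret).update(data).digest();

// Issue step: a short-lived HS256 JWT is minted only for a registered app_id whose
// redirect_uri matches exactly, so the token cannot be redirected to an unregistered URL.
function issueToken(appId: string, redirectUri: string, sub: string, now: number): string | null {
  const app = APPS.get(appId);
  if (!app || app.redirectUri !== redirectUri) return null;
  const body = `${b64url({ alg: "HS256", typ: "JWT" })}.${b64url({ sub, aud: appId, exp: now + 60 })}`;
  return `${body}.${hmac(body, app.secret).toString("base64url")}`;
}

// Validate step (what an endpoint like /sso/validate would check for a given app):
// signature under that app's secret, pinned algorithm, matching audience, not expired.
function verifyToken(token: string, appId: string, now: number): Claims | null {
  const app = APPS.get(appId);
  const parts = token.split(".");
  if (!app || parts.length !== 3) return null;
  const [h, p, s] = parts;
  const expected = hmac(`${h}.${p}`, app.secret);
  const given = Buffer.from(s, "base64url");
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
  try {
    const header = JSON.parse(Buffer.from(h, "base64url").toString());
    const claims = JSON.parse(Buffer.from(p, "base64url").toString()) as Claims;
    if (header.alg !== "HS256" || claims.aud !== appId || claims.exp <= now) return null;
    return claims;
  } catch {
    return null;
  }
}
```
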
- Centralized login using SSO Provider
- Stateless JWT-based token sharing between apps
- Session cookies scoped to provider domain (`localhost:5000`)
- Supports both local and Google OAuth login flows
- Start the SSO Provider: `node server.ts`
- Start the client files: `ts-node src/client<Number>.ts`