Passport Strategy for Wechat Enterprise Account/微信企业号
Last updated 3 years ago by yantao0527 .
MIT · Repository · Bugs · Original npm · Tarball · package.json
$ cnpm install @yantao0527/passport-wechat-enterprise 
SYNC missed versions from official npm registry.


Passport strategy for authenticating with Wechat Enterprise Accounts using the OAuth 2.0 API.

Wechat Development Documents: Enterprise Accounts

This module lets you authenticate using Wechat in your Node.js applications. By plugging into Passport, Wechat authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express,Loopback. It also supports Loopback-Component-Passport.

Wechat Official Accounts version, see passport-wechat-public


$ npm install passport-wechat-enterprise


Configure Strategy

  • The Wechat authentication strategy authenticates users using a Wechat account and OAuth 2.0 tokens. The strategy requires a verify callback, which accepts these credentials and calls done providing a user, options specifying an corp ID, corp secret, callback URL, and optionally state, scope. The last two are getAccessToken and saveAccessToken functions for access token, and both required.

    getAccessToken and saveAccessToken are two functions for access token, since wechat has limitation for retrieving access token.For every authentication, it will try to get the access token via getAccessToken function,if can't get one it will hit the wechat api /gettoken to get a new one then save it via saveAccessToken function.

passport.use("wechat",new WechatPublicStrategy({
    corpId: CORP_ID,
    corpSecret: CORP_SECRET,
    callbackURL: "http://localhost:3000/auth/wechat/callback",
    state: "state",
    scope: "snsapi_base"
  function(profile, done) {
    User.findOrCreate({ userId: profile.UserId }, function (err, user) {
      return done(err, user);
  function getAccessToken(cb) { ... },
  function saveAccessToken(accessToken,cb){ ... }

Authenticate Requests

Use passport.authenticate(), specifying the strategy with the name 'wechat' or default name 'wechat-enterprise', to authenticate requests.


For example


  passport.authenticate('wechat', { failureRedirect: '/login' }),
  function(req, res) {
    // Successful authentication, redirect home.


Simplely add the a wechat provider into your providers.json file. Notice:profile.id will be same with UserId.

Please see Strongloop official documents for more info about Loopback-Component-Passport.

  "wechat": {
    "provider": "wechat",
    "module": "passport-wechat-enterprise",
    "callbackURL": "/auth/wechat/callback",
    "successRedirect": "/auth/wechat/account",
    "failureRedirect": "/auth/wechat/failure",
    "scope": "snsapi_base",
    "corpId": "wxabe757c89bb6d74b",
    "corpSecret": "9a62bc24a31d5c7c2b1d053515d276f8",
    "authScheme": "OAuth 2.0"/*required*/
  • Since in loopback-component-passport, you won't initialize the Strategy by your own, do the trick, put the getAccessToken and saveAccessToken into the options, it's also acceptable.
function getAccessToken(cb) {...};
function saveAccessToken(accessToken, cb){...};
for (var s in config) {
    var c = config[s];
    c.session = c.session !== false;
    if(s === 'wechat') {
    	c.getAccessToken = getAccessToken;
    	c.saveAccessToken = saveAccessToken;
    passportConfigurator.configureProvider(s, c);


  • Wechat enterprise authentication only get simple profile,like below, so if you want to the complete profile, still need to hit the users API for more info.





Current Tags

  • 1.2.1                                ...           latest (3 years ago)

2 Versions

  • 1.2.1                                ...           3 years ago
  • 1.2.0                                ...           3 years ago
Maintainers (1)
Today 0
This Week 0
This Month 0
Last Day 0
Last Week 0
Last Month 1
Dependencies (3)
Dev Dependencies (7)
Dependents (0)

Copyright 2014 - 2016 © taobao.org |