
Express middleware for authenticating with Dartmouth CAS servers.

Primary LanguageJavaScript


Connect middleware for authenticating with Dartmouth CAS servers.


Usage, for the moment, is limited to restricting/allowing access to routes based on authentication status. Unauthenticated users are redirected to the Dartmouth WebAuth login page. I plan to add finer-grained control in the future, including splash pages and login links.

var dartAuth = require('dart-auth')
var app = require('express')();

app.use(dartAuth({ service: 'localhost:3000' }));


Express sessions must be enabled above authentication in the middleware chain.


You must pass a service option to the middleware. This is sent to the CAS server as the service name. The module will throw an error if no service is specified.

dartAuth({ service: 'localhost:3000' })

The module takes an optional logout_url option. If the logout url is visited, the session will be destroyed and the user will be logged out of the CAS server. If not specified, logout_url defaults to /logout.

    service: 'localhost:3000', 

Stored Properties

The middleware stores information for authenticated users on req.session.auth.

req.session.auth = {
    name : NAME,
    netid : NETID,
    username : USERNAME


Unit tests are written in Mocha. You need a valid Dartmouth NetId and password to run the tests:

make USR=netid PWD='password' test