thunderID()
The thunderID() function returns Express middleware that initializes a ThunderIDExpressClient and attaches it to both req.thunderIDAuth and res.thunderIDAuth.
Signature
thunderID(config: ThunderIDExpressConfig): express.RequestHandler
Import
const {thunderID} = require('@thunderid/express');
Overview
Use thunderID() near the top of your middleware stack. It initializes the SDK once, then exposes the initialized client to later middleware and route handlers.
Unlike the old thunderID() router, this middleware does not mount any routes automatically. Register sign-in and sign-out handlers explicitly.
Usage
index.js
const express = require('express');
const cookieParser = require('cookie-parser');
const {thunderID, handleSignIn, handleSignOut} = require('@thunderid/express');
const app = express();
app.use(cookieParser());
app.use(express.json());
app.use(
thunderID({
baseUrl: 'https://localhost:8090',
clientId: '<your-client-id>',
clientSecret: '<your-client-secret>',
}),
);
app.get('/login', handleSignIn());
app.get('/logout', handleSignOut());
Middleware Ordering
- Mount
cookie-parserbefore routes that depend onreq.cookies - Mount
express.json()beforehandleFlow()if you use embedded sign-in - Mount
thunderID()beforehandleSignIn(),handleSignOut(),protect(), orhandleFlow()
Runtime Behavior
- Creates a
ThunderIDExpressClient - Initializes the client with the provided configuration
- Attaches the initialized client to:
req.thunderIDAuthres.thunderIDAuth
If afterSignInUrl or afterSignOutUrl is not provided, the middleware resolves defaults from the first incoming request origin:
afterSignInUrl:${origin}/loginafterSignOutUrl:${origin}/logout
Notes
ThunderIDExpressConfigis currently an alias ofExpressClientConfig- The initialized client is available to later handlers such as
handleSignIn()and to route handlers that callreq.thunderIDAuth.getUserFromRequest(req)
