Passport extension for web3 wallet. Use this if signing in via
This module is installed directly using npm
$ npm install @incubiq/passport-wallet
The passport-wallet authentication strategy authenticates users using a browser plugin wallet and a wallet address. The strategy requires a verify callback, which accepts the following credentials. Create a authenticate/passport_siww.js file and copy the code below.
const passport = require('passport');
const SIWWStrategy = require("@incubiq/passport-wallet").Strategy;
// register this SIWW strategy ; make use of a cSIWW const which carries your SIWW app data (ID, secret, callback...)
passport.use(new SIWWStrategy({
clientID: cSIWW.clientID, // our app_id
clientSecret: cSIWW.clientSecret, // our app_secret (only used if enableProof is true)
callbackURL: cSIWW.callbackURL, // our callback URL
enableProof: true, // set to true to make use of the app_secret to secure calls (false = unsecured calls)
authorizationURL: "oauth/dialog/authorize", // where we call SIWW for authorization (fixed URL)
tokenURL:"oauth/token", // where we call SIWW for getting oAuth token (fixed URL)
profileURL:"oauth/resources/profile" // where we call SIWW for receiving end use's profile (fixed URL)
function(accessToken, refreshToken, profile, done) {
try {
if(!profile) {
return done(null, false, {}); // got an error...
// call your register user here, and make use of the profile data received
// profile.connector => the SIWW wallet connector (eg SIWC for "Sign-in with Cardano")
// profile.blockchain => the blockchain used by SIWW for authentication (eg "cardano")
// profile.username => the user's SIWW unique username
// profile.wallet_id, => the signing wallet's name (eg "nami")
// profile.wallet_address, => the signing wallet's address (eg "addr123....")
// profile.authorizations, => array of authorization levels received from SIWW
process.nextTick(function () {
return done(null, obj);
return done(null, false, "failed to register user");
catch (err) {
return done(null, false, err);
Then to authenticate requests, use passport.authenticate(), specifying the strategy defined in the above file passport_siww.js.
Setup the route as follows:
const passportSIWW = require("../authenticate/passport_siww");
router.get('/siww',passport.authenticate('SIWW', {session: false})); // will call SIWW /oauth/dialog/authorize
router.get('/siww/callback', passportSIWW.authenticate('SIWW', {
failureRedirect: '/auth/unauthorized',
session: false
}), function (req, res) {
// completeLogin(req, res);
See a full working sample here: