Learn to Code via Tutorials on Repl.it!

← Back to all posts
How to Repl Auth Express.js
Coder100 (18821)

How to use the Repl.it Authentication API with express.js



code, example


@mat1 Has made an epic tutorial on how to use repl.it authentication!
Sadly... it is with python.py and no offense, but python is pretty hard to use.
That's why I use express.js with node.js!

So, here's my tutorial:

You do what @mat1 did, but different: https://repl.it/talk/learn/Authenticating-users-with-Replit-Auth/23460

I used pug to achieve the same results, and instead of request.headers, you use request.get().

Try logging in!

Examine the code here: https://repl.it/@Coder100/Repl-Auth-Express

There's really not much more to say.

Read @mat1's tutorial and examine my code. Upvote if it worked for you and you could understand the code!

Deriving the API

If you go to Mozilla Firefox, open the repl auth website and type in a random domain, then click on inspect elements, and go to the network tab, fill in the form, you will see something interesting indeed. To get all that interesting headers, you will have to reload the page, as that is how you usually do anything that required updating. Well anyways, the rest is pretty self explanatory but I had to go to the https://expressjs.com documentation to learn how to use res.get().

How the code works

Pretty self explanatory, but if you want to know the gist of it, here you go.

Line 2: create an express application
Line 3: Not needed, this was for something else
Line 4: Use pug templates
Line 5: More unnecessary things
Line 8-25:
   Line 8: Get ‘/‘ directory
   Line 10-20: If the user has already logged in, we show template 1, which gives all the headers we know.
   Line 20-24: If the user hasn’t, we show template 2, which suggests the user should log in with repl.it
Line 28: Listen I’m on port 8080


 Lines 1-13: SEO
 Line 14-28:
    Line 14: Gets user and starts if statement
    Line 15-22: If the user has logged in, show user data
    Line 22-28: Otherwise, prompt user to log in

If you have any more questions, please comment below with your question!

Pictures and summary

Example of data:

You have authed. Welcome Coder100!
- Name: Coder100
- ID: 700842
- roles: self_learner

Summary: View the code here. Live working example here

Be sure to vote up this tutorial if you liked it!

MahadKalam (0)

I have a question, couldn't this be spoofed?

MahadKalam (0)

@Coder100 like, couldn't you change X-Replit-User-Name or the other headers to authenticate as someone else?

codingjlu (474)

req.get, not res.get.

TsunamiOrSumth (545)

O great Coder100, can you help me? (〃 ̄︶ ̄)

TalinSharma (77)

There is a cookie called REPL_AUTH, delete it...


YodaCode (96)

Is there a way to use normal HTML files instead of pug? HTML preprocessors are pointless in my opinion, and it would be a lot neater to just use regular HTML and Node.js.

Coder100 (18821)

@YodaCode yes, you can, what makes you think you can't?

YodaCode (96)

@Coder100 How would one go about doing that? Would I have to add AJAX requests to the auth page when it loads?

Coder100 (18821)

@YodaCode no, you literally just have the auth button, and then once you log in, you have a backend that would do redirects for you based on the headers

Coder100 (18821)

one thing tho, HTML preprocessors are not pointless, they will really speed up your workflow among others @YodaCode

YodaCode (96)

@Coder100 I have one more question. How do you log out using Repl.it?

Coder100 (18821)

delete all cookies and headers . @YodaCode

YodaCode (96)

@Coder100 ok thats what I thought. thank you

codingjlu (474)

@Coder100 cmon, be nice. He doesn't no what Pug is.

codingjlu (474)

@YodaCode I know it's late but Pug gets turned into HTML. You can do it online: https://pughtml.com/

Coder100 (18821)

no that is not the point of pug
yes of course it gets turned into HTML, but it is used for templating @codingjlu

codingjlu (474)

@Coder100 oh yeah true dat just use ejs it's better

YodaCode (96)

@codingjlu I do know what Pugjs is. It's not needed for the work I do. A great templating / backend engine is EasyJS (https://easyjs.yodacode.repl.co)

codingjlu (474)

@YodaCode lol what? never heard of that. EJS is better.

YodaCode (96)

@codingjlu You've never heard of it because I made it. Also, how can you say something is better than something you've never used? 🤔


Nice! But is it possible to do it with a normal html file? I don't know how pug files work

Coder100 (18821)

well, ig you could but it definitely wouldn't give you as much flexibility @CarlosRosiles

Whippingdot (678)

Hey Coder100, you know the website we are doing for repl.it.You are in on the project, we are adding repl auth. This is in this repl. I am doing my best to implement the repl auth by myself but if you can try to make it better. Also this is a different repl cause I already shared the other one. The link of the shared post is this @Coder100

ChezCoder (1606)

i am only sure of two things in life, I am an idiot, and @Coder100 is a coder god.

mamamia5x (83)

How do you do so without .pug files?

mamamia5x (83)

@Coder100 I mean, I want to make a HTML5 project that uses your username. How do I use the username and have the system remember it, within HTML5.

Coder100 (18821)

No, that's unfortunately not possible yet. You need a have a backend of some sort. @mamamia5x

ChezCoder (1606)

@Coder100 we can set a route that res.send's the auth info and use an XMLHttpRequest to send a req to this route each time

Coder100 (18821)

ah remote backends BIG BRAIN @ChezCoder

AgastyaSandhuja (170)

How do you get the profile picture?

Coder100 (18821)

why not use repl.it graphQL
Be sure to set these headers (found on bottom left):

  "X-Requested-With": "AgastyaSandhuja",
  "Referer": "https://repl.it",
  "Content-Type": "application/json",
  "User-Agent": "Mosaic"


TalinSharma (77)

I don't understand... Could you help?

Using with express.js...


RohilPatel (1594)

Good job! Upvote if you agree!

HackermonDev (2073)

As amasad said, "The first person to create something with this will get a shoutout in the next newsletter."

Coder100 (18821)

Yes. Why don't you make something cool with this? @PDanielY

HackermonDev (2073)

@Coder100 I would, but I don't know what to create

Coder100 (18821)

Why don't you use the user ID to save things to jsonstore.io? @PDanielY

HackermonDev (2073)

@Coder100 Ok, I guess I'll create that later.

RohilPatel (1594)

We already are with cyclebank. I'm pretty sure you are already a member. @PDanielY

HackermonDev (2073)

@RohilPatel oh no, Vandesm invite me so I could fix API error

Coder100 (18821)

Cycle bank has nothing to do with repl.it authentication.
You should probably read @amasad 's post @RohilPatel

AdCharity (1325)

@Coder100 wait you were in cycle bank?

HackermonDev (2073)

Thanks for making this

MatthewDoan1 (333)

Nice! I've been waiting for this.