GHauth
A Val Town service for handling GitHub OAuth authentication with redirect support for external applications.
- GitHub OAuth sign-in flow
- JWT token generation for authenticated users
- Redirect support for external applications
- Secure token validation
- User profile retrieval
- Graceful handling of missing configuration
- Go to GitHub Settings > Developer settings > OAuth Apps
- Click "New OAuth App"
- Fill in the details:
  - Application name: Your app name
  - Homepage URL: Your main application URL
  - Authorization callback URL: https://[your-val-url]/auth/callback
- Click "Register application"
- Note down your Client ID and generate a Client Secret
In your Val Town environment, set these variables:
- GITHUB_CLIENT_ID: Your GitHub OAuth app client ID
- GITHUB_CLIENT_SECRET: Your GitHub OAuth app client secret
- JWT_SECRET: A secure random string for signing JWT tokens (generate with openssl rand -base64 32)
Visit your Val Town URL to see the auth page and verify configuration.
- Redirect users to: https://[your-val-url]/auth/signin?redirect_uri=[your-app-url]
- Users will be redirected to GitHub for authentication
- After successful auth, users are redirected back to your app with a token: [your-app-url]?token=[jwt-token]
Make a GET request to: https://[your-val-url]/auth/validate?token=[jwt-token]
Returns user profile if token is valid:
{ "valid": true, "user": { "id": 12345, "login": "username", "name": "User Name", "email": "user@example.com", "avatar_url": "https://avatars.githubusercontent.com/u/12345", "html_url": "https://github.com/username" }, "expires_at": 1640995200 }
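A consuming application can handle the token redirect and the validation response described above along these lines. This is an added example, not code from the GHauth repository: AUTH_BASE and all function names are hypothetical, and expires_at is assumed to be a Unix timestamp in seconds, as the sample value suggests.

```javascript
// Added example, not part of the GHauth repository.
// AUTH_BASE is a placeholder for your deployed service URL.
const AUTH_BASE = "https://your-val-url.example";

// Pull the token out of the redirect URL and return a copy of the URL without it,
// so the JWT can be dropped from the address bar, history and Referer headers.
function takeTokenFromUrl(href) {
  const url = new URL(href);
  const token = url.searchParams.get("token");
  url.searchParams.delete("token");
  return { token: token || null, cleanUrl: url.toString() };
}

// Accept a /auth/validate response body only if it is well-formed and unexpired.
// Assumption: expires_at is in Unix seconds.
function userFromValidation(body, nowSeconds) {
  if (!body || body.valid !== true) return null; // strict: "true" or 1 is rejected
  if (typeof body.expires_at !== "number" || body.expires_at <= nowSeconds) return null;
  const user = body.user;
  if (!user || !Number.isInteger(user.id) || typeof user.login !== "string") return null;
  return user;
}

// Ask the service to validate the token; any non-2xx answer counts as invalid.
async function validateToken(token, fetchImpl = fetch) {
  const query = `token=${encodeURIComponent(token)}`;
  const res = await fetchImpl(`${AUTH_BASE}/auth/validate?${query}`);
  if (!res.ok) return null;
  return userFromValidation(await res.json(), Math.floor(Date.now() / 1000));
}

// Browser entry point: call on load of the page named in redirect_uri.
async function completeSignIn() {
  const { token, cleanUrl } = takeTokenFromUrl(window.location.href);
  if (!token) return null;
  // Remove ?token= before any further navigation or subresource request.
  window.history.replaceState(null, "", cleanUrl);
  return validateToken(token);
}
```
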
- GET / - Auth page UI with configuration status
- GET /auth/signin?redirect_uri=URL - Initiate GitHub OAuth flow
- GET /auth/callback - Handle GitHub OAuth callback (internal)
- GET /auth/validate?token=JWT - Validate JWT token and return user info
- GET /health - Health check with configuration status
See /examples/client-integration.md for detailed integration examples including:
- JavaScript/TypeScript frontend integration
- React component example
- Node.js backend middleware
- Security best practices
├── backend/
│ └── index.ts # Main Hono server with OAuth routes
├── frontend/
│ └── index.html # Auth page UI
├── shared/
│ └── types.ts # Shared TypeScript types
├── examples/
│ └── client-integration.md # Integration examples
└── README.md # This file
- JWT tokens with 7-day expiration
- State parameter validation to prevent CSRF
- Secure token signing with configurable secret
- Input validation and error handling
- HTTPS-only operation in production
The service provides clear error messages for:
- Missing configuration
- Invalid redirect URIs
- GitHub OAuth errors
- Token validation failures
- Network issues
The service gracefully handles missing environment variables during development, showing configuration warnings in the UI and API responses.