@hilma/auth-server NPM

Hilma Auth (Server)

Hilma Auth Server side is build over loopback 3, Providing you usefull extentions to the basic loopback auth. (Previously named auth, tools, supermodel)

Installation

Go into your project, make sure you are inside the server folder (root folder, mostly):

via NPM

  npm install @hilma/auth-server

via Submodule

  git submodule add https://github.com/hilma-tech/hilma-auth-server.git auth

Important: Make sure you add to model-config.json the path to the module.

Introduction

Hilma Auth Server is divided to 3 main things:

Mixins -- > delete-relations.js, extended-user.js
Models -- > access-logger.json, stop.json. stop.js
Tools -- > discover-models, time-calcs, validate-tools

roleAccessConfig

In order to use custom components and dhp for each role, you'll need to add to your server/config.json something like this:

"roleAccessConfig": {
  "ADMIN": {
    "comps": [
      "AdminMain"
    ],
    "defaultHomePage": "AdminMain"
  },
  "TRAINER": {
    "comps": [
      "TrainerMain"
    ],
    "defaultHomePage": "TrainerMain"
  },
  "COACH": {
    "comps": [
      "CoachHome"
    ],
    "defaultHomePage": "CoachHome"
  }
}

Mixins

Extended User

You can add the Extended User mixin to your user model, like that:

{
  "name": "Customer",
  "base": "User",
  "mixins": {
    "ExtendedUser": true,
   }
 }

What this mixins adds to your model (basic addons)?

When you activate the mixins, it gives you the following addons: | Addone | Explenation | | ------ | ------ | | Created, Modified | Create a 'Created' and 'Modified' properties on your model. | | RoleMapping | HasOne Relation to role-mapping model. | | After login | Gives you kl, klos, access-token cookies after login. | | Authenticate (func) | checks if the requested user has a valid AccessToken. | | deleteUserItems (func) | Delete the user Items after logout |

More Addones

If you want, you can allow more options to this mixin.

Disable Email
If true, disable all Email related requirements - you won't need to provide an email while login or register, etc. Accepts a boolean (default false) Example:
```
     "ExtendedUser": {
         "DisableEmail": true,
      }
```
Default Max Age
Define for how long the cookies are going to last (milliseconds). Accepts a number. Example:
```
     "ExtendedUser": {
         "DefaultMaxAge": 31556952000,
      }
```
( 31556952000 = one year in ms )
ManagedPasswords
Optional functions to manage user's password for security reasons. | property | Explenation | Default | type | ------ | ------ | ------ | ------ | | PreviousPasswords | Saves each user's 5 last passwords (encrypted) on a table name "Stop". Won't let user change their password to one of the previous ones. | false | boolean | ForceResetPassword | Force the user to change password after time specified. if "true" - uses the default value. Otherwise, use the number provided. | 6 months in ms (15552000000) | boolean\ number (ms)
Example:
```
     "ExtendedUser": {
        "ManagedPasswords": {
         "PreviousPasswords": true,
         "ForceResetPassword": 93434223344
        }
      }
```
AccessLogger
Won't let user log in if they fail to log in X times. | property | Explenation | Default | ------ | ------ | ------ | | BlockCount | The number of tries a user have before they been block. | 5 | BlockTime | The time the user has to wait before trying to log in again (milliseconds) | 600000 Example:
```
     "ExtendedUser": {
         "AccessLogger": {
            "BlockCount": 3,
            "BlockTime": 50000
         },
      }
```
ResetPassword
Reset Password option will let the user reset his password through an email. | property | Explenation | Default | ------ | ------ | ------ | | Subject | The subject of the mail sent to the user. | Password Reset | TextStart | The text to begin the mail with. | Click | Click | The href text | here | TextEnd | The text to ends the mail with. | to reset your password
Example:
```
     "ExtendedUser": {
       "ResetPassword": {
         "Subject": "איפוס ססמה בתן כתף",
         "TextStart": "שלום, על מנת לאפס ססמה לחץ",
         "Click": "ממש פה!!!",
         "TextEnd": "יום מקסים שיהיה לכם"
        },
      }
```
EmailVarification
Reset Password option will let the user reset his password through an email. | property | Explenation | Default | ------ | ------ | ------ | | Subject | The subject of the mail sent to the user. | Verify Registration | TextStart | The text to begin the mail with. | Click | Click | The href text | here | TextEnd | The text to ends the mail with. | to verify your email
Example:
```
     "ExtendedUser": {
          "EmailVarification": {
            "Subject": "תן כתף - אימות אימייל",
            "TextStart": "שלום, על מנת לאמת את אימיילך לחץ",
            "Click": "כאן!!!!!",
            "TextEnd": "יום מבורך"
          }
      }
```

Example of all ExtendedUser mixins' options:

{
 "mixins": {
    "ExtendedUser": {
      "DefaultMaxAge": 3545344424, 
      "DisableEmail": true,
      "ManagedPasswords": {
         "PreviousPasswords": true,
         "ForceResetPassword": 93434223344
       },
      "AccessLogger": {
        "BlockCount": 3,
        "BlockTime": 50000
      },
      "ResetPassword": {
        "Subject": "איפוס ססמה בתן כתף",
        "TextStart": "שלום, על מנת לאפס ססמה לחץ",
        "Click": "ממש פה!!!",
        "TextEnd": "יום מקסים שיהיה לכם"
      },
      "EmailVarification": {
        "Subject": "תן כתף - אימות אימייל",
        "TextStart": "שלום, על מנת לאמת את אימיילך לחץ",
        "Click": "כאן!!!!!",
        "TextEnd": "יום מבורך"
      }
    }
  }
}

Delete Relations

This mixin deletes somtehing and everything related to it. It create a function to the model (Model.deleteRelationalById), which accept an Id of the user.