0.0.1 • Published 3 years ago

authserver-123 v0.0.1

License
ISC

AuthServer

AuthServer is a Node.js package for authenticating users. It is implemented as an Express.js Router using Passport.js and supports the following identity service providers:

  • Facebook
  • Google

The AuthServer code was inspired by the articles Logging Into React Native Apps with Facebook or Google and Add Facebook Authentication To A React Native Application. Originally, the AuthServer code was part of the myStuff back-end. On 20-May-2020, the code was modified to become a reusable NPM package.

       +-----------------------+                         +-------------------------------------------------------+
       | Server                |                         | Client                                                |
       |                       |                         |                 NO    +------------+    YES           |
       |                       |                         |               +-------+   token?   +------+           |
       |                       |                         |               |       +------------+      |           |
       |     /auth             |                         |               |                           |           |
       |     +-----------------+                         |  +------------+------------+      +-------+-------+   |
       |     |AuthServer router|                         |  |Login screen             |      |               |   |
       |     |                 |                         |  | +---------------------+ |      |  Application  |   |
       |     |             /fb |<-----------------------------+ Login with Facebook | |      |               |   |
       |     |                 |                         |  | +---------------------+ |      |       UI      |   |
   +-------->| /fb/callback    |                         |  |                         |      |               |   |
   |   |     |                 |                         |  | +---------------------+ |      +-------+-------+   |
   |   |     |             /ggl|<-----------------------------+ Login with Google   | |              ^           |
   |   |     |                 |                         |  | +---------------------+ |              |           |
   +-------->| /ggl/callback   |                         |  +-------------------------+              |           |
   |   |     |                 |                         |                                           |           |
   |   |     |                 |        token            |  +-----------------+                      |           |
   |<--------+                 +--------------------------->| Store the token |                      |           |
   |   |     +-----------------+                         |  +-----------------+                      |           |
   |   |                       |                         |                                           |           |
   |   | +-------------------+ |                         |                                           |           |
   |   | | AuthServer authMW | |                         |                                           |           |
   |   | +-------------------+ |                         |                                           |           |
   |   |        ^              |                         |                                           |           |
   |   | verify |              |                         |                                           |           |
   |   |  token |   +----------+                         |                            token          |           |
   |   |        +---+ socket.io|<--------------------------------------------------------------------+           |
   |   |            +----------+                         |                                                       |
   |   +-----------------------+                         +-------------------------------------------------------+
   |
  ++----------+
  |  OAuth    ||
  |  service  ||
  |  provider ||
  +-----------+|
    -----------+

When a user successfully authenticates, AuthServer combines the user's e-mail and the current date and encrypts this data with a secret key into a token that the Client uses to prove its identity when communicating with the Server.

How do I get set up?

Setting up the OAuth services

Before using AuthServer, one has to set up Facebook and Google apps to use their OAuth services.

Configuration

AuthServer configuration consists of three parts:

  1. Module parameters passed in when instantiating the module
  2. Module configuration stored in config/config.js
  3. Confidential data stored in config/secret.js

Module parameters passed in when instantiating the module

  • serverID - an arbitrary ID of the AuthServer instance.
  • serverURL - URL of the server which AuthServer is a part of. It is used to construct the OAuth callback URL and the URL to which AuthServer redirects after a successful authentication. The server must use the HTTPS protocol, otherwise Facebook does not accept the OAuth callback URL.
  • mountPath - a path/route to which AuthServer is attached, e.g. /auth. It is used to construct the OAuth callback URL.
  • redirectPath - a path/route to which AuthServer redirects after a successful authentication.
  • dbHandle - not used

const APP_PROTOCOL = 'https';          // HTTPS is required for the Facebook OAuth callback
const APP_DOMAIN   = '192.168.2.243';
const APP_PORT     = 3001;
const AUTH_PATH    = '/auth';          // route the AuthServer router is mounted on
const UI_PATH      = '/test';          // route to redirect to after a successful login

const authServerConfig = {
    // Arbitrary instance ID. Written as 7 because 007 is a legacy octal
    // literal, which is a syntax error in strict mode.
    serverID: 7,
    serverURL: APP_PROTOCOL + '://' + APP_DOMAIN + ':' + APP_PORT,
    mountPath: AUTH_PATH,
    redirectPath: UI_PATH,
    dbHandle: null,                    // not used
};
const {authRouter} = require('authserver')(authServerConfig);

Module configuration stored in config/config.js

Confidential data stored in config/secret.js

module.exports = {
    SECRET: "",               // secret string used to protect the token
    fbSecret: {               // Facebook OAuth app credentials
        clientID: '',
        clientSecret: '',
    },
    gglSecret: {              // Google OAuth app credentials
        clientID: '',
        clientSecret: '',
    }
};

  • SECRET - a string that is used to encrypt a token which contains the information about a user identity. This token is exchanged between the server (which AuthServer is a part of) and a client which connects to the server.
  • fbSecret - credentials of the Facebook OAuth service
  • gglSecret - credentials of the Google OAuth service
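
The token described above (the user's e-mail and the current date, protected with SECRET) can be built and checked as follows. This is an added example, not AuthServer's own code: it assumes AES-256-GCM from Node's crypto module, and deriveKey, issueToken, verifyToken, the salt label and the 16-character minimum for SECRET are hypothetical.

```javascript
// Added example: illustrative token helper, not AuthServer's own code.
const crypto = require('node:crypto');

// Derive a 256-bit key from the SECRET string kept in config/secret.js.
// The salt is a fixed, hypothetical label chosen for this example.
function deriveKey(secret) {
    if (typeof secret !== 'string' || secret.length < 16) {
        throw new Error('SECRET must be a string of at least 16 characters');
    }
    return crypto.scryptSync(secret, 'authserver-example-token', 32);
}

// Seal { email, iat } with AES-256-GCM; the token is iv.tag.ciphertext in base64url.
function issueToken(email, secret, now = Date.now()) {
    const iv = crypto.randomBytes(12);   // fresh nonce for every token
    const cipher = crypto.createCipheriv('aes-256-gcm', deriveKey(secret), iv);
    const body = Buffer.concat([
        cipher.update(JSON.stringify({ email, iat: now }), 'utf8'),
        cipher.final(),
    ]);
    return [iv, cipher.getAuthTag(), body].map((b) => b.toString('base64url')).join('.');
}

// Return the e-mail if the token is authentic and no older than maxAgeMs, else null.
function verifyToken(token, secret, maxAgeMs, now = Date.now()) {
    const key = deriveKey(secret);       // a bad SECRET is a config error: let it throw
    const parts = String(token).split('.');
    if (parts.length !== 3) return null;
    const [iv, tag, body] = parts.map((p) => Buffer.from(p, 'base64url'));
    if (iv.length !== 12 || tag.length !== 16) return null;
    try {
        const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv);
        decipher.setAuthTag(tag);
        const plain = Buffer.concat([decipher.update(body), decipher.final()]);
        const { email, iat } = JSON.parse(plain.toString('utf8'));
        if (typeof email !== 'string' || typeof iat !== 'number') return null;
        if (iat > now || now - iat > maxAgeMs) return null;  // future-dated or expired
        return email;
    } catch (err) {
        return null;                     // wrong key, tampered token or malformed payload
    }
}
```

The empty SECRET from the config/secret.js template is rejected by deriveKey, and the embedded date lets the verifier bound how long a stored token stays usable.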

Dependencies

  1. "express": "^4.17.1",
  2. "jsonwebtoken": "^8.5.1",
  3. "jspnodeutils": "file:../jspnodeutils",
  4. "mongodb": "^3.5.7",
  5. "passport": "^0.4.1",
  6. "passport-facebook": "^3.0.0",
  7. "passport-google-oauth20": "^2.0.0",
  8. "util": "^0.12.3"

How to run tests

TODO

Deployment instructions

authserver has not been registered as an NPM package yet.

Clone the authserver git repo and install its dependencies

cd <authserver_parent_dir>
git clone git@bitbucket.org:jspudich/authserver.git
cd <authserver_parent_dir>/authserver
npm install

Install the authserver package as a dependency of your project

cd <your_project_dir>
npm install <authserver_parent_dir>/authserver

Contribution guidelines

  • Writing tests
  • Code review
  • Other guidelines

Who do I talk to?

  • Repo owner or admin
  • Other community or team contact
