dpd-passport-fields v0.0.11

Auth-Passport Resource

This custom resource type allows you to authorize your users using the powerful Passport. Currently, the following methods are supported for authentification:

• local (i.e. username + password) - ONLY HTTP-POST METHOD
• Twitter (using Api v1.1)
• Facebook (using OAuth)
• GitHub
• Google
• Dribbble

Others can be implemented easily if Passport supports them.

Requirements

• deployd (you'd have guessed that, probably :-))
• User-Collection named users with at least these custom fields:

{
    "type": "UserCollection",
    "properties": {
        "email": {
            "name": "email",
            "type": "string",
            "typeLabel": "string",
            "required": false,
            "id": "email",
            "order": 0
        },
        "fname": {
            "name": "fname",
            "type": "string",
            "typeLabel": "string",
            "required": false,
            "id": "fname",
            "order": 1
        },
        "lname": {
            "name": "lname",
            "type": "string",
            "typeLabel": "string",
            "required": false,
            "id": "lname",
            "order": 2
        },
        "gender": {
            "name": "gender",
            "type": "string",
            "typeLabel": "string",
            "required": false,
            "id": "gender",
            "order": 3
        },
        "dob": {
            "name": "dob",
            "type": "number",
            "typeLabel": "number",
            "required": false,
            "id": "dob",
            "order": 4
        },
        "created": {
            "name": "created",
            "type": "number",
            "typeLabel": "number",
            "required": false,
            "id": "created",
            "order": 5
        },
        "lastlogin": {
            "name": "lastlogin",
            "type": "number",
            "typeLabel": "number",
            "required": false,
            "id": "lastlogin",
            "order": 6
        },
        "socialAccount": {
            "name": "socialAccount",
            "type": "string",
            "typeLabel": "string",
            "required": false,
            "id": "socialAccount",
            "order": 7
        },
        "socialAccountId": {
            "name": "socialAccountId",
            "type": "string",
            "typeLabel": "string",
            "required": false,
            "id": "socialAccountId",
            "order": 8
        },
        "profile": {
            "name": "profile",
            "type": "object",
            "typeLabel": "object",
            "required": false,
            "id": "profile",
            "order": 9
        }
    }
}

Notice

In order to avoid the checks for username and password, dpd-passport creates a dummy username and a password hash. That makes it impossible to login locally, but are visible in the deployd backend and must not be edited!

Updating from v0.3.0 or lower

To avoid error for existing users after the update, every user has to login again before any updates of the user object can be achieved.

Installation

In your app's root directory, type npm install dpd-passport into the command line or download the source. This should create a dpd-passport directory in your app's node_modules directory.

See Installing Modules for details.

Setup

Open your Dashboard and add the new Passport-Auth Resource. Then configure which modules you want to allow for your users and supply the required information for each module.

Note: You may supply the baseURL (your website's root) via the environment variable DPD_PASSPORT_BASEURL. This is especially useful when you have a single codebase for testing + production environments.

For Facebook, include this in the admin page:

facebookScope: "email","user_birthday","user_location" facebookFields: "age_range","gender","location","birthday","picture","name","email","about"

Usage

Point your users to /auth/{twitter,facebook,github,google} to have them login (or signup) via the specified module. After that, Auth-Passport completely takes over and redirects the users according to the OAuth(2) flow.

Also You can use /auth/login to login on local user collection but it has to be POST method.

Usage in Mobile Apps

Auth-Passport was built with usage in mobile Apps in mind. From inside your mobile app, open a browser and point the user to your website's /auth/{login,twitter,facebook,github} endpoint. From there, Auth-Passport will take over and guide (i.e. redirect) your user through the different steps needed for each provider, until the user has authorized your app and logged in successfully.

Now you can get hold of your user and his session, by specifying a redirectURL in the original request. After the login is done (no matter if it was successful or not), your user will be redirected to the specified URL. Supply some app-specific URL (see your platform's SDK on how that looks) and catch the response in your app. Auth-Passport will supply the following information:

• sid (String) Session ID in deployd, send this in every subsequent request
• uid (String) User ID of the user that just logged in
• success (Bool) true, if login was successfull
• error (String) contains the error message in case of an error

Development

To get started with development, please fork this repository and make your desired changes. Please note that we do all our dev work on bitbucket, so while you may submit pull requests on github, we will only push releases to github once they are finished.

Credits

We'd like to thank Passport for building this amazing auth-framework!

Auth-Passport is the work of simpleTechs.net

Contributors

The following people contributed some of there valuable spare time to make this module even better. Please add yourself to the list, in case we forgot you.

• Tristan
• Andy
• Andrei
• Burak