1.0.1 • Published 6 years ago

myoauth2 v1.0.1

Weekly downloads
-
License
ISC
Repository
-
Last release
6 years ago

myoauth2

1、loopback代码component-config.json中引入loopback-component-oauth2后,middleware.json中引入scope后,访问相应的接口api时,只会验证是否是aouth2s生成的access_token,不支持login后AccessToken model生成的access_token 2、改动处:(a) loopback-component-oauth2/lib/resource-server.js 37行和40-44行,增加AccessToken判断,并将原有逻辑放入46行的else判断 (b) loopback-component-oauth2/lib/scope.js 114行-116行 3、注意:接口的形式是基于/api/Users/:userId/.*, req.baseUrl.split('/')3解析出userId,用AccessToken model对userId和accessToken进行验证

other

用loopack-component-oauth2的代码推荐是和主应用分离,另起一个应用单独作为oauth2,数据库可以保持一致。这样主应用的认证不会受到影响,而oauth2应用的接口api就只提供用ouath2生成的access_token来获取用户信息

加入passport-accesstoken-oauth2模块,验证携带token的请求,不用输入用户名和密码

loopbackoauth2myoauth2
asyncbody-parserconnect-ensure-logindebugjwspassportpassport-accesstoken-oauth2passport-httppassport-http-bearerpassport-localpassport-oauth2-client-passwordpassport-strategypath-to-regexppkginfostrong-globalizeuid2utils-merge
@infinitebrahmanuniverse/nolb-myo@everything-registry/sub-chunk-2236@zalastax/nolb-myo
1.0.1

6 years ago

1.0.0

6 years ago