platform/packages/auth/README.md

# Angel3 Anthentication

![Pub Version (including pre-releases)](https://img.shields.io/pub/v/angel3_auth?include_prereleases)
[![Null Safety](https://img.shields.io/badge/null-safety-brightgreen)](https://dart.dev/null-safety)
[![Discord](https://img.shields.io/discord/1060322353214660698)](https://discord.gg/3X6bxTUdCM)
[![License](https://img.shields.io/github/license/dart-backend/angel)](https://github.com/dart-backend/angel/tree/master/packages/auth/LICENSE)

A complete authentication plugin for Angel3. Inspired by Passport. More details in the [User Guide](https://angel3-docs.dukefirehawk.com/guides/authentication).

## Bundled Strategies

* Local (with and without Basic Auth)
* Find other strategies (Twitter, Google, OAuth2, etc.) on pub

## Example

Ensure you have read the [User Guide](https://angel3-docs.dukefirehawk.com/guides/authentication).

```dart
configureServer(Angel app) async {
  var auth = AngelAuth<User>(
    serializer: (user) => user.id ?? '',
    deserializer: (id) => fetchAUserByIdSomehow(id
  );
  auth.strategies['local'] = LocalAuthStrategy(...);
  
  // POST route to handle username+password
  app.post('/local', auth.authenticate('local'));

  // Using Angel's asynchronous injections, we can parse the JWT
  // on demand. It won't be parsed until we check.
  app.get('/profile', ioc((User user) {
    print(user.description);
  }));
  
  // Use a comma to try multiple strategies!!!
  //
  // Each strategy is run sequentially. If one succeeds, the loop ends.
  // Authentication failures will just cause the loop to continue.
  // 
  // If the last strategy throws an authentication failure, then
  // a `401 Not Authenticated` is thrown.
  var chainedHandler = auth.authenticate(
    ['basic','facebook'],
    authOptions
  );
  
  // Apply angel_auth-specific configuration.
  await app.configure(auth.configureServer);
}
```

## Default Authentication Callback

A frequent use case within SPA's is opening OAuth login endpoints in a separate window. [`angel3_client`](https://pub.dev/packages/angel3_client) provides a facility for this, which works perfectly with the default callback provided in this package.

```dart
configureServer(Angel app) async {
  var handler = auth.authenticate(
    'facebook',
    AngelAuthOptions(callback: confirmPopupAuthentication()));
  app.get('/auth/facebook', handler);
  
  // Use a comma to try multiple strategies!!!
  //
  // Each strategy is run sequentially. If one succeeds, the loop ends.
  // Authentication failures will just cause the loop to continue.
  // 
  // If the last strategy throws an authentication failure, then
  // a `401 Not Authenticated` is thrown.
  var chainedHandler = auth.authenticate(
    ['basic','facebook'],
    authOptions
  );
}
```

This renders a simple HTML page that fires the user's JWT as a `token` event in `window.opener`. `angel3_client` [exposes this as a Stream](https://pub.dev/documentation/angel3_client/latest/):

```dart
app.authenticateViaPopup('/auth/google').listen((jwt) {
  // Do something with the JWT
});
```
Updated auth 2021-07-08 01:20:21 +00:00			`# Angel3 Anthentication`

Updated auth, model, container and its generator 2021-09-26 06:53:42 +00:00			`![Pub Version (including pre-releases)](https://img.shields.io/pub/v/angel3_auth?include_prereleases)`
Publish angel3_auth 2021-05-14 11:09:48 +00:00			`[![Null Safety](https://img.shields.io/badge/null-safety-brightgreen)](https://dart.dev/null-safety)`
Replaced Gitter with Discord chat 2024-07-07 15:02:49 +00:00			`[![Discord](https://img.shields.io/discord/1060322353214660698)](https://discord.gg/3X6bxTUdCM)`
Updated repository links 2023-12-25 03:45:10 +00:00			`[![License](https://img.shields.io/github/license/dart-backend/angel)](https://github.com/dart-backend/angel/tree/master/packages/auth/LICENSE)`
+10 2016-11-23 20:37:40 +00:00
Updated auth 2021-07-08 01:20:21 +00:00			`A complete authentication plugin for Angel3. Inspired by Passport. More details in the [User Guide](https://angel3-docs.dukefirehawk.com/guides/authentication).`
+6 2016-09-21 06:19:52 +00:00
Updated auth 2021-07-08 01:20:21 +00:00			`## Bundled Strategies`
+6 2016-09-21 06:19:52 +00:00
12 2016-12-03 18:23:11 +00:00			`* Local (with and without Basic Auth)`
Updated auth 2021-07-08 01:20:21 +00:00			`* Find other strategies (Twitter, Google, OAuth2, etc.) on pub`

			`## Example`
1.0.5 2017-06-03 21:39:55 +00:00
Updated auth 2021-07-08 01:20:21 +00:00			`Ensure you have read the [User Guide](https://angel3-docs.dukefirehawk.com/guides/authentication).`
1.0.5 2017-06-03 21:39:55 +00:00
			```dart
			`configureServer(Angel app) async {`
Updated auth 2021-09-29 07:40:27 +00:00			`var auth = AngelAuth<User>(`
			`serializer: (user) => user.id ?? '',`
Fixed Basic Auth issue 2023-06-07 16:42:34 +00:00			`deserializer: (id) => fetchAUserByIdSomehow(id`
Updated auth 2021-09-29 07:40:27 +00:00			`);`
Remove "new" 2019-04-19 07:50:04 +00:00			`auth.strategies['local'] = LocalAuthStrategy(...);`
1.0.5 2017-06-03 21:39:55 +00:00
			`// POST route to handle username+password`
			`app.post('/local', auth.authenticate('local'));`
Use async injection instead of decodeJwt 2019-04-19 09:08:06 +00:00
			`// Using Angel's asynchronous injections, we can parse the JWT`
			`// on demand. It won't be parsed until we check.`
			`app.get('/profile', ioc((User user) {`
			`print(user.description);`
			`}));`
1.0.5 2017-06-03 21:39:55 +00:00
			`// Use a comma to try multiple strategies!!!`
			`//`
			`// Each strategy is run sequentially. If one succeeds, the loop ends.`
			`// Authentication failures will just cause the loop to continue.`
			`//`
			`// If the last strategy throws an authentication failure, then`
			// a `401 Not Authenticated` is thrown.
			`var chainedHandler = auth.authenticate(`
Fixed commas 2017-09-24 04:32:38 +00:00			`['basic','facebook'],`
1.0.5 2017-06-03 21:39:55 +00:00			`authOptions`
			`);`
Fixed commas 2017-09-24 04:32:38 +00:00
Use async injection instead of decodeJwt 2019-04-19 09:08:06 +00:00			`// Apply angel_auth-specific configuration.`
Fixed commas 2017-09-24 04:32:38 +00:00			`await app.configure(auth.configureServer);`
1.0.5 2017-06-03 21:39:55 +00:00			`}`
			```
1.0.0 2017-02-28 22:16:25 +00:00
Updated auth 2021-07-08 01:20:21 +00:00			`## Default Authentication Callback`

Updated auth, model, container and its generator 2021-09-26 06:53:42 +00:00			A frequent use case within SPA's is opening OAuth login endpoints in a separate window. [`angel3_client`](https://pub.dev/packages/angel3_client) provides a facility for this, which works perfectly with the default callback provided in this package.
1.0.0 2017-02-28 22:16:25 +00:00
			```dart
1.0.5 2017-06-03 21:39:55 +00:00			`configureServer(Angel app) async {`
			`var handler = auth.authenticate(`
			`'facebook',`
Remove "new" 2019-04-19 07:50:04 +00:00			`AngelAuthOptions(callback: confirmPopupAuthentication()));`
1.0.5 2017-06-03 21:39:55 +00:00			`app.get('/auth/facebook', handler);`

			`// Use a comma to try multiple strategies!!!`
			`//`
			`// Each strategy is run sequentially. If one succeeds, the loop ends.`
			`// Authentication failures will just cause the loop to continue.`
			`//`
			`// If the last strategy throws an authentication failure, then`
			// a `401 Not Authenticated` is thrown.
			`var chainedHandler = auth.authenticate(`
Fixed commas 2017-09-24 04:32:38 +00:00			`['basic','facebook'],`
1.0.5 2017-06-03 21:39:55 +00:00			`authOptions`
			`);`
			`}`
1.0.0 2017-02-28 22:16:25 +00:00			```
1.0.5 2017-06-03 21:39:55 +00:00
Updated auth, model, container and its generator 2021-09-26 06:53:42 +00:00			This renders a simple HTML page that fires the user's JWT as a `token` event in `window.opener`. `angel3_client` [exposes this as a Stream](https://pub.dev/documentation/angel3_client/latest/):
Update README.md 2017-04-12 12:03:31 +00:00
			```dart
			`app.authenticateViaPopup('/auth/google').listen((jwt) {`
			`// Do something with the JWT`
			`});`
			```