2021-07-08 01:20:21 +00:00
# Angel3 Anthentication
2021-07-08 05:23:02 +00:00
[![version ](https://img.shields.io/badge/pub-v4.0.4-brightgreen )](https://pub.dev/packages/angel3_auth)
2021-05-14 11:09:48 +00:00
[![Null Safety ](https://img.shields.io/badge/null-safety-brightgreen )](https://dart.dev/null-safety)
2021-05-15 06:32:25 +00:00
[![Gitter ](https://img.shields.io/gitter/room/angel_dart/discussion )](https://gitter.im/angel_dart/discussion)
2016-11-23 20:37:40 +00:00
2021-05-14 11:09:48 +00:00
[![License ](https://img.shields.io/github/license/dukefirehawk/angel )](https://github.com/dukefirehawk/angel/tree/angel3/packages/auth/LICENSE)
2016-11-23 20:37:40 +00:00
2021-07-08 01:20:21 +00:00
A complete authentication plugin for Angel3. Inspired by Passport. More details in the [User Guide ](https://angel3-docs.dukefirehawk.com/guides/authentication ).
2016-09-21 06:19:52 +00:00
2021-07-08 01:20:21 +00:00
## Bundled Strategies
2016-09-21 06:19:52 +00:00
2016-12-03 18:23:11 +00:00
* Local (with and without Basic Auth)
2021-07-08 01:20:21 +00:00
* Find other strategies (Twitter, Google, OAuth2, etc.) on pub
## Example
2017-06-03 21:39:55 +00:00
2021-07-08 01:20:21 +00:00
Ensure you have read the [User Guide ](https://angel3-docs.dukefirehawk.com/guides/authentication ).
2017-06-03 21:39:55 +00:00
```dart
configureServer(Angel app) async {
2019-04-19 09:08:06 +00:00
var auth = AngelAuth< User > ();
2017-06-03 21:39:55 +00:00
auth.serializer = ...;
auth.deserializer = ...;
2019-04-19 07:50:04 +00:00
auth.strategies['local'] = LocalAuthStrategy(...);
2017-06-03 21:39:55 +00:00
// POST route to handle username+password
app.post('/local', auth.authenticate('local'));
2019-04-19 09:08:06 +00:00
// Using Angel's asynchronous injections, we can parse the JWT
// on demand. It won't be parsed until we check.
app.get('/profile', ioc((User user) {
print(user.description);
}));
2017-06-03 21:39:55 +00:00
// Use a comma to try multiple strategies!!!
//
// Each strategy is run sequentially. If one succeeds, the loop ends.
// Authentication failures will just cause the loop to continue.
//
// If the last strategy throws an authentication failure, then
// a `401 Not Authenticated` is thrown.
var chainedHandler = auth.authenticate(
2017-09-24 04:32:38 +00:00
['basic','facebook'],
2017-06-03 21:39:55 +00:00
authOptions
);
2017-09-24 04:32:38 +00:00
2019-04-19 09:08:06 +00:00
// Apply angel_auth-specific configuration.
2017-09-24 04:32:38 +00:00
await app.configure(auth.configureServer);
2017-06-03 21:39:55 +00:00
}
```
2017-02-28 22:16:25 +00:00
2021-07-08 01:20:21 +00:00
## Default Authentication Callback
2017-02-28 22:16:25 +00:00
A frequent use case within SPA's is opening OAuth login endpoints in a separate window.
2021-07-08 01:20:21 +00:00
[`angel3_client` ](https://github.com/dukefirehawk/angel/tree/angel3/packages/client )
provides a facility for this, which works perfectly with the default callback provided in this package.
2017-02-28 22:16:25 +00:00
```dart
2017-06-03 21:39:55 +00:00
configureServer(Angel app) async {
var handler = auth.authenticate(
'facebook',
2019-04-19 07:50:04 +00:00
AngelAuthOptions(callback: confirmPopupAuthentication()));
2017-06-03 21:39:55 +00:00
app.get('/auth/facebook', handler);
// Use a comma to try multiple strategies!!!
//
// Each strategy is run sequentially. If one succeeds, the loop ends.
// Authentication failures will just cause the loop to continue.
//
// If the last strategy throws an authentication failure, then
// a `401 Not Authenticated` is thrown.
var chainedHandler = auth.authenticate(
2017-09-24 04:32:38 +00:00
['basic','facebook'],
2017-06-03 21:39:55 +00:00
authOptions
);
}
2017-02-28 22:16:25 +00:00
```
2017-06-03 21:39:55 +00:00
2017-04-12 12:03:31 +00:00
This renders a simple HTML page that fires the user's JWT as a `token` event in `window.opener` .
2021-07-08 01:20:21 +00:00
`angel3_client` [exposes this as a Stream ](https://github.com/dukefirehawk/angel/tree/angel3/packages/client#authentication ):
2017-04-12 12:03:31 +00:00
```dart
app.authenticateViaPopup('/auth/google').listen((jwt) {
// Do something with the JWT
});
```