2021-05-14 11:09:48 +00:00
|
|
|
# angel3_auth
|
2021-06-01 01:01:01 +00:00
|
|
|
[![version](https://img.shields.io/badge/pub-v4.0.3-brightgreen)](https://pub.dartlang.org/packages/angel3_auth)
|
2021-05-14 11:09:48 +00:00
|
|
|
[![Null Safety](https://img.shields.io/badge/null-safety-brightgreen)](https://dart.dev/null-safety)
|
2021-05-15 06:32:25 +00:00
|
|
|
[![Gitter](https://img.shields.io/gitter/room/angel_dart/discussion)](https://gitter.im/angel_dart/discussion)
|
2016-11-23 20:37:40 +00:00
|
|
|
|
2021-05-14 11:09:48 +00:00
|
|
|
[![License](https://img.shields.io/github/license/dukefirehawk/angel)](https://github.com/dukefirehawk/angel/tree/angel3/packages/auth/LICENSE)
|
2016-11-23 20:37:40 +00:00
|
|
|
|
2016-05-02 23:39:57 +00:00
|
|
|
A complete authentication plugin for Angel. Inspired by Passport.
|
2016-09-21 06:19:52 +00:00
|
|
|
|
2017-06-03 21:39:55 +00:00
|
|
|
# Wiki
|
2016-11-23 20:37:40 +00:00
|
|
|
[Click here](https://github.com/angel-dart/auth/wiki).
|
2016-09-21 06:19:52 +00:00
|
|
|
|
2017-06-03 21:39:55 +00:00
|
|
|
# Bundled Strategies
|
2016-12-03 18:23:11 +00:00
|
|
|
* Local (with and without Basic Auth)
|
2017-06-03 21:39:55 +00:00
|
|
|
* Find other strategies (Twitter, Google, OAuth2, etc.) on Pub!!!
|
|
|
|
|
|
|
|
# Example
|
|
|
|
Ensure you have read the [wiki](https://github.com/angel-dart/auth/wiki).
|
|
|
|
|
|
|
|
```dart
|
|
|
|
configureServer(Angel app) async {
|
2019-04-19 09:08:06 +00:00
|
|
|
var auth = AngelAuth<User>();
|
2017-06-03 21:39:55 +00:00
|
|
|
auth.serializer = ...;
|
|
|
|
auth.deserializer = ...;
|
2019-04-19 07:50:04 +00:00
|
|
|
auth.strategies['local'] = LocalAuthStrategy(...);
|
2017-06-03 21:39:55 +00:00
|
|
|
|
|
|
|
// POST route to handle username+password
|
|
|
|
app.post('/local', auth.authenticate('local'));
|
2019-04-19 09:08:06 +00:00
|
|
|
|
|
|
|
// Using Angel's asynchronous injections, we can parse the JWT
|
|
|
|
// on demand. It won't be parsed until we check.
|
|
|
|
app.get('/profile', ioc((User user) {
|
|
|
|
print(user.description);
|
|
|
|
}));
|
2017-06-03 21:39:55 +00:00
|
|
|
|
|
|
|
// Use a comma to try multiple strategies!!!
|
|
|
|
//
|
|
|
|
// Each strategy is run sequentially. If one succeeds, the loop ends.
|
|
|
|
// Authentication failures will just cause the loop to continue.
|
|
|
|
//
|
|
|
|
// If the last strategy throws an authentication failure, then
|
|
|
|
// a `401 Not Authenticated` is thrown.
|
|
|
|
var chainedHandler = auth.authenticate(
|
2017-09-24 04:32:38 +00:00
|
|
|
['basic','facebook'],
|
2017-06-03 21:39:55 +00:00
|
|
|
authOptions
|
|
|
|
);
|
2017-09-24 04:32:38 +00:00
|
|
|
|
2019-04-19 09:08:06 +00:00
|
|
|
// Apply angel_auth-specific configuration.
|
2017-09-24 04:32:38 +00:00
|
|
|
await app.configure(auth.configureServer);
|
2017-06-03 21:39:55 +00:00
|
|
|
}
|
|
|
|
```
|
2017-02-28 22:16:25 +00:00
|
|
|
|
|
|
|
# Default Authentication Callback
|
|
|
|
A frequent use case within SPA's is opening OAuth login endpoints in a separate window.
|
|
|
|
[`angel_client`](https://github.com/angel-dart/client)
|
|
|
|
provides a facility for this, which works perfectly with the default callback provided
|
|
|
|
in this package.
|
|
|
|
|
|
|
|
```dart
|
2017-06-03 21:39:55 +00:00
|
|
|
configureServer(Angel app) async {
|
|
|
|
var handler = auth.authenticate(
|
|
|
|
'facebook',
|
2019-04-19 07:50:04 +00:00
|
|
|
AngelAuthOptions(callback: confirmPopupAuthentication()));
|
2017-06-03 21:39:55 +00:00
|
|
|
app.get('/auth/facebook', handler);
|
|
|
|
|
|
|
|
// Use a comma to try multiple strategies!!!
|
|
|
|
//
|
|
|
|
// Each strategy is run sequentially. If one succeeds, the loop ends.
|
|
|
|
// Authentication failures will just cause the loop to continue.
|
|
|
|
//
|
|
|
|
// If the last strategy throws an authentication failure, then
|
|
|
|
// a `401 Not Authenticated` is thrown.
|
|
|
|
var chainedHandler = auth.authenticate(
|
2017-09-24 04:32:38 +00:00
|
|
|
['basic','facebook'],
|
2017-06-03 21:39:55 +00:00
|
|
|
authOptions
|
|
|
|
);
|
|
|
|
}
|
2017-02-28 22:16:25 +00:00
|
|
|
```
|
2017-06-03 21:39:55 +00:00
|
|
|
|
2017-04-12 12:03:31 +00:00
|
|
|
This renders a simple HTML page that fires the user's JWT as a `token` event in `window.opener`.
|
2021-05-14 11:09:48 +00:00
|
|
|
`angel_client` [exposes this as a Stream](https://github.com/dukefirehawk/angel/tree/angel3/packages/client#authentication):
|
2017-04-12 12:03:31 +00:00
|
|
|
|
|
|
|
```dart
|
|
|
|
app.authenticateViaPopup('/auth/google').listen((jwt) {
|
|
|
|
// Do something with the JWT
|
|
|
|
});
|
|
|
|
```
|