npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@amplication/plugin-auth-auth0

v1.0.16

Published

Auth0 plugin for Amplication

Downloads

231,167

Readme

@amplication/plugin-auth-auth0

NPM Downloads

This plugin helps in integrating Auth0 into your app generated by Amplication and provides the required configuration files.

Purpose

Provides a way to integrate Auth0 into your app generated by Amplication by adding the required dependencies and configuration files. Auth0 is an authentication and authorization platform that provides the required tools to secure your applications and services.

Working with the plugin

It can be used by adding the plugin in the plugins page of the app settings. The plugin can be added by providing the settings as shown in the method you want to use as well as the general settings.

Note: Have to add the auth-core-plugin plugin before adding this plugin.

Results in configuring the app to use auth0 for authentication. It adds the necessary dependencies, creates a JWT strategy and adds the required environment variables in the .env file.

General Configuration

The following values are required to be provided in the plugin settings.

  • recipe: The type of Authenticated recipe to use.

    • type: password or passwordless ( Optional, Default: password )
    • method: email or sms or magic-link ( Optional, Default: email )
    • emailFieldName: The name of the field to use for finding the user by email. If not provided, email field from payloadMapping will be used or a field of type Email will be used from your auth entity. ( Optional )
    • payLoadMapping: The mapping of the fields to use for payload. This has to be given in the format of key: value where the key is the name of the field in the auth entity and the value is the name of the field in the payload. Currently supported fields from payload are email, email_verified, name, nickname, picture, username. ( Optional )
  • defaultUser: The default user to be created in the database. This has to be given in the format of key: value where the key is the name of the field in the auth entity and the value is the value of the field to be set for the default user. If a field is not provided, it will be set to default value according to the type of the field. For more information, see Default Values

Example

{
  "settings": {
    "recipe": {
      "type": "password",
      "emailFieldName": "email",
      "payloadFieldMapping": {
        "username": "name",
        "name": "name"
      }
    },
    "defaultUser": {
      "username": "Ashish Padhy",
      "roles": ["admin"],
      "name": "Ashish Padhy",
      "bio": "",
      "email": "[email protected]",
      "age": 0,
      "birthDate": "2021-06-01T00:00:00.000Z",
      "score": 0,
      "interests": [],
      "priority": "high",
      "isCurious": false,
      "location": "(32.085300, 34.781769)",
      "extendedProperties": {
        "foo": "bar"
      }
    }
    // Method specific settings ( See Method Specific Configuration )
  }
}

Using Management API

This method uses the Auth0 Management API to get the required values.

Note: This method requires the user to have an auth0 account or have access to JWT token of the auth0 account.

Method Specific Configuration

This method requires the following values to be provided in the plugin settings.

  • useManagementApi : true ( To use this method )
  • managementParams :
    • identifier : The identifier of the Auth0 Management API ( See get management api token )
    • accessToken : The access token of the Auth0 Management API ( See get management api token )
    • actionName : The name of the action which you want to create in the Auth0 account. ( Optional, Default: Add user details to access token )
    • clientName : The name of the client which you want to create in the Auth0 account. ( Optional, Default: Amplication SPA )
    • apiName : The name of the API which you want to create in the Auth0 account. ( Optional, Default: Amplication API )
    • audience: The audience/identifier of the API which you want to create in the Auth0 account. ( Optional, Default: http://localhost:3001 )

Example

{
  "settings": {
    "useManagementApi": true,
    "managementParams": {
      "identifier": "https://{TENANT_NAME}.{REGION}.auth0.com/api/v2/",
      "accessToken": "{ACCESS_TOKEN}",
      "actionName": "Add user details to access token",
      "clientName": "Custom SPA",
      "apiName": "Custom API",
      "audience": "http://example.com"
    }
    // General settings ( See General Configuration )
  }
}

Manually

This method requires the user to manually create the required values in the Auth0 account and provide the values in the plugin settings.

Method Specific Configuration

This method requires the following values to be provided in the plugin settings.

  • useManagementApi : false ( To use this method )
  • domain : The domain of the Auth0 application (client) ( See copy domain )
  • clientID : The client id of the Auth0 application (client) ( See copy client id )
  • audience : The audience/identifier of the API which you have created in the Auth0 account. ( See copy audience )
  • issuerURL : The issuer base url of the API which you have created in the Auth0 account. ( See copy issuer base url )

Example

{
  "settings": {
    "useManagementApi": false,
    "domain": "dev-p27ryta7rrcalcea.us.auth0.com",
    "clientID": "A9Dvb0BS8His5lrzRNduNxtGcoTHagid",
    "audience": "https://sample-nest.demo.com",
    "issuerURL": "https://dev-p27ryta7rrcalcea.us.auth0.com/"
    // General settings ( See General Configuration )
  }
}

Elaboration

This section elaborates on the steps to be followed to get the required values for the plugin settings. Prerequisite for this is to have an Auth0 account.

Get Management API Token

  • Go to Management Explorer and copy the token as shown there. If there is no token, click on the Create Testing Application button and create a testing application. Then copy the token. This is the value of the accessToken field in the plugin settings.

  • Go to Management Settings Page and copy the value of the Identifier field. This is the value of the identifier field in the plugin settings.

Create an Auth0 application

  • Go to Applications Page and create a new application of type Single Page Web Applications.

  • Select React in the Quickstart tab or follow the steps below.

  • Change the following values to their keys :-

    • Allowed Callback URLs : http://localhost:3001/auth-callback
    • Allowed Logout URLs : http://localhost:3001/login
    • Allowed Web Origins : http://localhost:3001
  • Go to the settings tab and copy the values of the following :-

    • Domain
    • Client ID

    Auth0 Application Settings

Create an Auth0 API

  • Go to the API Dashboard and create a new API with the following values :-

    • Identifier : http://localhost:3001
    • Signing Algorithm : RS256
  • Go to the quickstart tab and switch to NodeJS tab and copy the values of the following :-

    • Audience
    • IssuerBaseURL

    Sample Auth0 API Settings

    const jwtCheck = auth({
      audience: "http://localhost:3001",
      issuerBaseURL: "https://dev-z4opqj3d1oykaaaw.us.auth0.com/",
      tokenSigningAlg: "RS256",
    });

Create an Auth0 action

  • Go to the Actions Library and click on the Build Custom button.

  • Set the following values :-

    • Name : Add user details to access token ( Or any name you want )
    • Trigger : Login / Post Login
    • Runtime : Node18 ( Or any runtime you want )
  • Click Create Button.

  • In the code editor, set the following code :-

    exports.onExecutePostLogin = async (event, api) => {
      if (event.authorization) {
        // Set claims
        api.accessToken.setCustomClaim("user", event.user);
      }
    };
  • Save and click on the Deploy button.

  • Go to the Actions Flows and the action you have created between Start and Complete nodes. For more information, see Auth0 Actions.