npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@bonsaicms/vue-statefull-api-auth

v0.5.1

Published

Auth library for Vue 3 applications and stateful APIs.

Downloads

6

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

mspidervmspiderv

Keywords

vuevuejsvuexsessionstatefull apiauth

Readme

Authentication layer for Vue 3 applications

This package is designed as an authentication layer for Vue applications in combination with an authentication backend server that provides statefull API (session-based cookie authentication). Example of such a backend implementation is Larvel Sanctum.

Install

Using npm:

npm install @bonsaicms/vue-statefull-api-auth --save

Using yarn:

yarn add @bonsaicms/vue-statefull-api-auth

Setup

You need to run this code once while your application is booting.

import Vue from 'vue'
import { createAuth } from '@bonsaicms/vue-statefull-api-auth'

// Import your Vue router instance
import router from 'src/router'

const auth = createAuth(

  // Router instance
  router,

  // You can override the default configuration here
  // Default config values can be found here: https://github.com/bonsaicms/vue-statefull-api-auth/blob/master/src/config.js#L3
  { }
)

// Don't forget to initialize the auth
// By "initialize" we mean "to find out wether the user is logged in or not"
auth.initialize()

Usage

In the following example we use the auth variable. It is an object created using the createAuth function.

Getters

  • auth.ready is true if the package was already initialized (fetchUser endpoint responded) or false (didn't respond yet).
  • auth.check is true if the user is logged in or false when user is not logged in.
  • auth.user is the user object returned by the fetchUser endpoint.

Methods

  • auth.initialize() - you need to run this exactly one time.
  • auth.attemptLogin(credentialsObject).then(user => /* user logged */).catch((e) => { /* login failed */ })
  • auth.logout()
  • auth.fetchUser().then(user => ...)

Protecting the routes

You can protect your routes using the meta property. This valus of the meta.auth can be configured in the config.authMeta property.

Routes example:

const routes = [

  // This route is accessible only for LOGGED users
  {
    path: '/home',
    component: () => import('Home.vue'),
    meta: { auth: true } // Notice true value
  },

  // This route is accessible only for UNAUTHENTICATED users
  {
    path: '/login',
    component: () => import('Login.vue'),
    meta: { auth: false } // Notice false value
  },

  // This is just a reggular public route accessible for everybody
  {
    path: '/something',
    component: () => import('Something.vue'),
    // Notice meta: { auth: ... } is not defined here
  },

]

Automatic redirects

If the user is NOT logged in and he/she is trying to visit a route accessible only for logged users, this package will automatically redirect the user to config.redirects.unauthenticated route.

If the user IS logged in and he/she is trying to visit a route accessible only for unauthenticated users, this package will automatically redirect the user to config.redirects.authenticated route.

Configuration

Default configuration object

{
  http: {
    driver: 'axios',
    config: {
      //
    },
  },
  authMeta: {
    key: 'auth',
    value: {
      authenticated: true,
      unauthenticated: false
    }
  },
  redirects: {
    unauthenticated: { path: '/login' },
    authenticated: { path: '/' }
  },
  apiEndpoints: {
    setCsrfCookie: null,
    fetchUser: {
      method: 'get',
      url: '/api/auth/user',
      transformResponse: (response) => response,
    },
    attemptLogin: {
      method: 'post',
      url: '/api/auth/login',
      transformResponse: (response) => response
    },
    logout: {
      method: 'post',
      url: '/api/auth/logout',
    }
  }
}

HTTP Client

This package uses Axios for sending API requests by default, but you can use your own HTTP client implementation this by calling auth.drivers.register('http', 'myDriver', myHttpDriverFactory) and then auth.drivers.use('http', 'myDriver').

Backend Endpoints

In order to use this package, your backend must implement at least these three API endpoints:

  • fetchUser - Get the information about the currently logged user.
    • You can call this endpoint by calling auth.fetchUser().then(user => ...))
    • If the user is logged in, this endpoint should respond with HTTP status 200 and provide an JSON user in the response body. Example of user:{ 'name': 'John' }. This can be anything useful for your frontend application.
    • If the user is NOT logged in, this endpoint should respond with HTTP status 422 and empty body.
  • attemptLogin - Attempt to login a user.
    • You can call this endpoint by calling auth.attemptLogin(credentialsObject).then(user => ...))
    • This endpoint must accept the POST HTTP method.
    • If the user was successfuly logged in, this endpoint should respond with HTTP status 200.
    • If the user is NOT logged in, this endpoint should respond with HTTP status 422.
  • logout - Logout the currently logged user.
    • You can call this endpoint by calling auth.logout().then(...))

Your backend can also implement the 4th endpoint, but this one is optional:

  • setCsrfCookie
    • If this endpoints is configured (not configured by default), then it will be accessed automatically during the initialization procedure.
    • It should accept the GET HTTP method.
    • It should configure the CSRF cookie in the response so any subsequent POST API calls will not fail because of missing CSRF token cookie.

Are you looking for backend authentication implementation ?

Feel free to check out our bonsaicms/auth package designed for Laravel applications.