npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@meniga/auth

v6.1.36-alpha.0

Published

A library for a react app to authenticate with an oauth provider using authorization code flow

Downloads

463

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

meniga-npmmeniga-npmpetermenigapetermenigatinnatinna

Keywords

Readme

@meniga/auth

This package is used to authenticate with an oidc/oauth provider.

It is build as an ESM module and is geared towards apps using functional components and react hooks. It does not add a user to the redux state like @meniga/identity does.

It uses react-oidc-context and oidc-client-ts under the hood and only supports Authorization Code flow or Refresh Token flow. Implicit Grant flow is not supported. If you need Implicit Grant support, use @meniga/identity instead.

Getting started

Install the package like so:

yarn add @meniga/auth

Config

For more information about the configuration and required and optional properties go to: https://authts.github.io/oidc-client-ts/interfaces/UserManagerSettings.html

Easiest way to provide this config - if you are using @meniga/config in your app - is to create an identity.js config file with the following config, using the values set in your oidc provider.

export default {
	/**
	 * URL to the oidc server
	 */ 
	authority: 'https://sts.dev.meniga.cloud/identity',
	/**
	 * The client ID as configured in the oidc server
	 */ 
	client_id: 'Demo_user_api_gateway_authorization_code',
	redirect_uri: '/callback',
	post_logout_redirect_uri: '/',
	/**
	 * Only used if your app supports a 'Forgot password' flow and you are using Meniga's STS server.
	 * This specifies the path to the page the STS server should redirect to when user clicks on 'Forgot password'
	 */ 
	forgot_password_uri: '/login/forgot',
	/** 
	 * Specifies the type of grant you want to use
	 * The .well-known configuration of the server has a list of supported response types.
	 */ 
	response_type: 'code',
	scope: 'openid profile meniga_user_api', 
	loadUserInfo: true,
	/**
	 * Whether or not there should be an automatic attempt to renew the access token prior to its expiration
	 */
	automaticSilentRenew: true,
	/** 
	 * Whether or not the token should be saved in browser storage 
	 */
	storeToken: true,
	/** 
	 * The names used to store the access_token and token_type in browser storage. 
	 * Should not be changed if your app is using @meniga/core for api requests.
	 */ 
	tokenName: 'accessToken',	
	tokenTypeName: 'accessTokenType'
}

Note: client_id, scope, response_type and callback_uri should match the configuration made on the identity server.

App

Import the MenigaAuthProvider in your App/entry file and add the OIDC config to it.

import { globalConfig } from '@meniga/config'
import { MenigaAuthProvider } from '@meniga/auth'

const _configBasename = globalConfig('routing.prefix', '')
const _configIdentity = globalConfig('identity', {})

const App = () => {

	return <Fragment>
		<MenigaAuthProvider oidcConfig={ _configIdentity } basename={ _configBasename }>
			<RouterProvider router={ browserRouter } />
		</MenigaAuthProvider>
	</Fragment>
}

export default App

Router

This setup is based on using @meniga/router but works for anyone using react-router or similar library.

In your apps router you will have to add the following components to authenticate

  • AuthProtected is to restrict access to only authenticated users and must be placed under the MenigaAuthProvider in the react dom tree.
  • AuthCallback is a component that handles the callback from the oidc provider and saves it to storage.
    • It will redirect to the previous url the user was located after it has done all its work.
  • AuthLogin is a component that handles redirect to the login page of the oidc provider.
  • AuthLogout is similar to the LoginPage that it handles the redirect to the oidc provider but this one redirects to a logout page

None of these components are required but they save a lot of time.

import { Route, Router } from 'cosmic-core'
import { AuthCallback, AuthProtected, AuthLogin, AuthLogout } from '@meniga/auth'

const routes = [
	{
		key: 'callbackRoute',
		path: '/callback',
		element: <AuthCallback callbackUrl={ '/' } onError={ () => { }} />,
	},
	{
		key: 'loginRoute',
		path: '/login',
		element: <LoginPage />
	},
	{
		key: 'logoutRoute',
		path: '/logout',
		element: <LogoutPage />
	},
	{
		key: 'protectedRoute',
		path: '/dashboard',
		element: <AuthProtected><Dashboard /></AuthProtected>
	}
]

const browserRouter = createBrowserRouter(routes, { basename: _configBasename })

Get user info

You can access basic user info using the { useAuth } hook as long as MenigaAuthProvider is being used further up the tree.

import { useAuth } from '@meniga/auth'

const someFunctionalCompenent = () => {
	const auth = useAuth()

	const user = auth?.user

	...
}

Silent renew token

@meniga/auth supports renewing the bearer token periodically.

In order to use this feature, set 'automaticSilentRenew' to true in the config.