passport-zoib
v0.3.1
Published
ZOIB authentication strategy for Passport.
Downloads
17
Maintainers
Readme
passport-ZOIB
Passport strategy for authenticating with ZOIB using the ZOIB authentication.
This module lets you authenticate using ZOIB in your Node.js applications. By plugging into Passport, ZOIB authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.
Install
$ npm install passport-zoib
Usage
Create a ZOIB function
Before using passport-ZOIB
, you must create a ZOIB function the user (or a group which contains the user) need to have access to.
Configure Strategy
The ZOIB authentication strategy authenticates users using a ZOIB account
and a ZOIB function. The strategy also requires a verify
callback, which receives the profile
which contains the
authenticated user's ZOIB profile. The verify
callback must call cb
providing a user to complete authentication.
passport.use(new ZOIBStrategy({
zoibURL: "https://zoib.salamalecs.dev.digitalairways.com",
localZoibURL: "http://zoib-user:13511", //optionnal, only if you use docker & zoib-user is in the same network
zoibFunction: "salamalecs_grant_authentication",
authorizationURL: "https://passport-zoib.salamalecs.dev.digitalairways.com",
callbackURL: "https://salamalec.salamalecs.dev.digitalairways.com/auth/strategy/callback",
logoURL: "https://pbs.twimg.com/profile_images/124145879/Logo_Happy_RGB_400x400.jpg", //optional
color: "FFDE75", //optional
title: "ZOIB authentication" //optional
},
function(profile, cb) {
user = profile;
delete user.token;
cb(null, user);
}
));
Authenticate Requests
Use passport.authenticate()
, specifying the 'ZOIB'
strategy, to
authenticate requests.
For example, as route middleware in an Express application:
app.get('/auth/ZOIB',
passport.authenticate('ZOIB'));
app.get('/auth/ZOIB/callback',
passport.authenticate('ZOIB', { failureRedirect: '/login' }),
function(req, res) {
// Successful authentication, redirect home.
res.redirect('/');
});
####protect your NodeRed using passport-ZOIB
Uncomment the adminAuth parameter in your settings.js file and set his value:
adminAuth: {
type:"strategy",
strategy: {
name: "ZOIB",
label: 'Sign in with ZOIB',
icon:"fa-smile-beam",
strategy: require("passport-zoib").Strategy,
options: {
zoibURL: process.env.ZOIB_URL,
localZoibURL: process.env.LOCAL_ZOIB_URL, //optionnal, only if you use docker & zoib-user is in the same network
zoibFunction: process.env.ALLOWING_ZOIB_FUNCTION,
authorizationURL: process.env.ZOIB_PASSPORT_URL,
callbackURL: "https://" + process.env.VIRTUAL_HOST + "/auth/strategy/callback",
logoURL: "https://pbs.twimg.com/profile_images/124145879/Logo_Happy_RGB_400x400.jpg", //optional
color: "FFDE75", //optional
title: "ZOIB authentication" //optional
}
},
users: function(username) {
return new Promise(function(resolve) {
var user = {username: username, permissions: "*"};
resolve(user);
});
}
},
If you want to skip the button click: ...
If you want to keep the ZOIB token (as Salamalecs wants to) in the NodeRed session, add the following parameter to adminAuth:
authenticate: function(profile) {
return new Promise(function(resolve) {
resolve(profile);
});
}
Then you need to patch NodeRed using the following patch: svn://daw.digitalairways.com/digitalairways/Customers/Fundatrix/TheThingBox/Patchs/zoib_keepZoibToken
If you also want to have a way to retrieve this ZOIB token, you will need to patch NodeRed using the following patch: svn://daw.digitalairways.com/digitalairways/Customers/Fundatrix/TheThingBox/Patchs/zoib_getZoibToken