pronto-auth-service
v0.0.6
Published
User sessions for web and mobile. Pluggable authentication from Zamba, Facebook, Twitter, Google, Linkedin, Salesforce and custom providers. Permit users amongst apps with configurable roles. You can (configured) make Users belong to Accounts. You can inv
Downloads
5
Readme
Auth Service
User sessions for web and mobile. Pluggable authentication from Zamba, Facebook, Twitter, Google, Linkedin, Salesforce and custom providers. Permit users amongst apps with configurable roles. You can (configured) make Users belong to Accounts. You can invite a user to (a composable set of [App, Account, other config in tokens]), with customized handlers based on the nature of the token.
Usage
Clone https://github.com/prontotype-us/auth-service
into your node_modules, or include the repo in your package.
# ...
# Set up your DataService here
config = require '../config'
{jwt_secret, auth_callback_base_url} = config
auth_config = {
id_key: '_id'
jwt_secret: jwt_secret
# Oauth2
auth_callback_base_url
providers: {
(facebook):
client_id: ''
client_key: ''
(twitter):
consumer_key: ''
consumer_secret: ''
...
}
}
AuthService = require('auth-service')(auth_config,
create: (type, item, cb) ->
DataService 'create', type, item, cb
get: (type, query, cb) ->
DataService 'get', type, query, cb
find: (type, query, cb) ->
DataService 'find', type, query, cb
update: (type, id, item_update, cb) ->
DataService 'update', type, id, item_update, cb
)
service = new somata.Service 'platform_slug:auth', AuthService
Methods
Incoming users
signupUser(app_id_or_slug, new_user, cb)
Sign up a new user with an email and password. app_id_or_slug
is optional and will build a Role for the newly created User for the given app if included. Include any configuration for this Role on new_user.role
. Things like account_id
, organization_id
, [app-specific-id-configuration]
, and any god
, admin
, or superadmin
privileges are good things to put into the role config.
Authenticating as a user
getUserForApp(app_id_or_slug, query, cb)
Exchange an email and password for access to an app.
getUserByToken(jwt_token, cb)
Exchange a jwt token for a user record and session.
Auth Providers
You can configure social network login by passing in an array of strings to config.provider. Permitted provider slugs are twitter
and facebook
. google
and linkedin
need to be ported in.
getAuthUrl(provider, query, cb)
Get a url to redirect to for kicking off OAuth2 with this provider.
handleAuthCallback(provider, query, cb)
Handle the end of OAuth2 flow from a provider. Route here from your auth API.
getUserFromMetadata(user_data, cb)
Return a user for metadata including at least source
and source_id
or email
. Useful for social authentication or providing users keyed off other external platforms. Each external account will map to exactly one user. Pass config.use_metadata = true
to use a separate table for metadata like this. Otherwise the source and source_id will be kept directly on the user model.
getContextWithApiKey(api_key, cb)
Considering configuring this on a per-platform basis so there is slightly more flexibility how API keys are set up within the schema.
Helpers
getOrCreateUser getOrCreateUserForApp getOrCreateRole createUserForApp getApp getAppId