A complete authentication framework for Angel. Inspired by Passport.
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.idea preserve existing user Jun 27, 2018
example 2.0.3 Dec 9, 2018
lib 2.0.3 Dec 9, 2018
test 2.0.3 Dec 9, 2018
.gitignore Ignore .dart_tool Jul 12, 2018
.travis.yml 1.1.1 Jun 27, 2018
CHANGELOG.md 2.0.3 Dec 9, 2018
LICENSE Initial commit May 2, 2016
README.md Update README Sep 11, 2018
analysis_options.yaml 1.1.1 Jun 27, 2018
pubspec.yaml 2.0.3 Dec 9, 2018

README.md

angel_auth

Pub build status

A complete authentication plugin for Angel. Inspired by Passport.

Wiki

Click here.

Bundled Strategies

  • Local (with and without Basic Auth)
  • Find other strategies (Twitter, Google, OAuth2, etc.) on Pub!!!

Example

Ensure you have read the wiki.

configureServer(Angel app) async {
  var auth = new AngelAuth();
  auth.serializer = ...;
  auth.deserializer = ...;
  auth.strategies['local'] = new LocalAuthStrategy(...);
  
  // POST route to handle username+password
  app.post('/local', auth.authenticate('local'));
  
  // Use a comma to try multiple strategies!!!
  //
  // Each strategy is run sequentially. If one succeeds, the loop ends.
  // Authentication failures will just cause the loop to continue.
  // 
  // If the last strategy throws an authentication failure, then
  // a `401 Not Authenticated` is thrown.
  var chainedHandler = auth.authenticate(
    ['basic','facebook'],
    authOptions
  );
  
  // Apply angel_auth-specific configuration
  await app.configure(auth.configureServer);
  
  // Middleware to decode JWT's...
  app.use(auth.decodeJwt);
}

Default Authentication Callback

A frequent use case within SPA's is opening OAuth login endpoints in a separate window. angel_client provides a facility for this, which works perfectly with the default callback provided in this package.

configureServer(Angel app) async {
  var handler = auth.authenticate(
    'facebook',
    new AngelAuthOptions(callback: confirmPopupAuthentication()));
  app.get('/auth/facebook', handler);
  
  // Use a comma to try multiple strategies!!!
  //
  // Each strategy is run sequentially. If one succeeds, the loop ends.
  // Authentication failures will just cause the loop to continue.
  // 
  // If the last strategy throws an authentication failure, then
  // a `401 Not Authenticated` is thrown.
  var chainedHandler = auth.authenticate(
    ['basic','facebook'],
    authOptions
  );
}

This renders a simple HTML page that fires the user's JWT as a token event in window.opener. angel_client exposes this as a Stream:

app.authenticateViaPopup('/auth/google').listen((jwt) {
  // Do something with the JWT
});