Use Your Own User Authorization

George Chung edited this page Mar 4, 2016 · 9 revisions

Every company has a private user authorization system inside. This document try to show you how to integrate custom user authorization service into cnpm.

User Data Structure

cnpm user data structure is very simple, only required login and email fields, others is optional.

{
  "login": "fengmk2",
  "email": "fengmk2@gmail.com",
  "name": "Yuan Feng",
  "html_url": "http://fengmk2.github.com",
  "avatar_url": "https://avatars3.githubusercontent.com/u/156269?s=460",
  "im_url": "",
  "site_admin": false,
  "scopes": ["@org1", "@org2"]
}

Required fields

  • login: login name, only allow a-zA-Z0-9 and _-. characters
  • email: email address, e.g.: work email inside the company

Optional fields

  • name: screen name show on the page, e.g.: full name or nick name
  • html_url: a url let other people know he/she more
  • avatar_url: avatar url, default is gavatar url base on email
  • im_url: Instant Messaging url, like WangWang, QQ, Weibo, Twitter, Facebook, GTalk
  • site_admin: admin of cnpm or not, default is false
  • scopes: which scopes can publish into, default is global config.scopes

Default UserService API

function DefaultUserService() {}

var proto = DefaultUserService.prototype;

/**
 * Auth user with login name and password
 * @param  {String} login    login name
 * @param  {String} password login password
 * @return {User}
 */
proto.auth = function* (login, password) {};

/**
 * Get user by login name
 * @param  {String} login  login name
 * @return {User}
 */
proto.get = function* (login) {};

/**
 * List users
 * @param  {Array<String>} logins  login names
 * @return {Array<User>}
 */
proto.list = function* (logins) {};

/**
 * Search users
 * @param  {String} query  query keyword
 * @param  {Object} [options] optional query params
 *  - {Number} limit match users count, default is `20`
 * @return {Array<User>}
 */
proto.search = function* (query, options) {};

Create your UserService and use it

Your own UserService must impl Default UserService API:

  • auth(login, password)
  • get(login)
  • list(logins)
  • search(query, options)

Then put it to config overwrite the DefaultUserService:

config.userService = new YourUserService();
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.