New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Introducing @colyseus/auth + onAuth() change #657
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…uments (e.g. only getToken())
…e cors with cors:false option
endel
changed the title
Introducing @colyseus/auth
Introducing @colyseus/auth + onAuth() change
Dec 1, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Feedback is most welcome, especially on user-facing APIs 🙏
colyseus.js
integration PR here colyseus/colyseus.js#133docs
PR colyseus/docs#150@colyseus/core
-onAuth()
changestatic onAuth(token, req)
method should be implemented asstatic
onAuth(client, options, req)
as an instance method still works, but will be deprecated in the future.This change allows validating the token earlier in the connection process, without needing an instance of the room available.
This way the auth token is read from the first matchmaking request header instead of as query param in the second WebSocket connection.
Example: Firebase Authentication with
static onAuth()
If you are using a custom token (Firebase, PlayFab, etc), you'd provide the token in the SDK like this:
Introducing
@colyseus/auth
module/auth/register
- user registration (email + password)/auth/login
- login (email + password)/auth/anonymous
- anonymous login/auth/userdata
- fetch user datagrant
module - a MIT-licensed "OAuth Proxy")/auth/provider/:providerId
- redirect to provider/auth/provider/:providerId/callback
- reply callback from the providerDatabase interaction must be implemented by end-user
End-user should implement the following callbacks:
auth.settings.onFindUserByEmail = async (email) => {/* query user by email */}
auth.settings.onRegisterWithEmailAndPassword = async (email, password, options) => {/* insert user */}
auth.settings.onRegisterAnonymously = async (options: T) => {/* insert anonymous user */}
End-user may customize the following callbacks. They come with a default implementation.
auth.settings.onParseToken = (jwt: JwtPayload) => jwt
auth.settings.onGenerateToken = async (userdata: unknown) => await JWT.sign(userdata)
auth.settings.onHashPassword = async (password: string) => Hash.make(password)
auth.oauth.onCallback = async (password: string) => Hash.make(password)
Usage example