Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support multiple auth providers #6

Closed
marshallswain opened this Issue Nov 16, 2015 · 3 comments

Comments

Projects
None yet
2 participants
@marshallswain
Copy link
Member

marshallswain commented Nov 16, 2015

Based on the options available in the feathers-generator, these are the ones we'll be targeting first:

  • Local
  • Google
  • Facebook
  • Twitter - Not making the cut for 1.0 because OAuth1 and OAuth1a require sessions
  • Github

This will require changing the local auth to have a keyed config like

auth: {
  secret: 'master-token-generation-secret',
  local: {
    loginEndpoint: '/login'
  },
  facebook: {
    appId: '149b0wv1n4v4',
    secretKey: '1g444g209n'
  },
  twitter: {
    appId: '240v9ndsvn23',
    secretKey: '1g444g209n'
  }
}
@ekryski

This comment has been minimized.

Copy link
Member

ekryski commented Feb 2, 2016

I've started work on this in the decoupling branch. It follows the same config as you outlined above with the exception that we also have a token config value. This is because all the auth mechanisms have been broken out into their own services.

The trickier part has been getting twitter to work. Using the https://github.com/drudge/passport-twitter-token module I'm unsure where to get the oauth_token_secret and user_id using the "reverse auth" mechanism.

@ekryski

This comment has been minimized.

Copy link
Member

ekryski commented Feb 2, 2016

So I've got Facebook and Github working. Just working on making it generic for any oAuth2 provider.

Twitter will need to be revisited because it requires a session unless we do one of their different token based methods for authentication. https://dev.twitter.com/oauth

@ekryski

This comment has been minimized.

Copy link
Member

ekryski commented Feb 7, 2016

Now that I've done work on this I'd like to split this into a couple issues to better track progress because we aren't doing things that are provider specific but instead are mechanism specific. By supporting any passport OAuth2 module we unlock a lot more providers than we initially listed in the issue description.

Now moving to issues #40, #41, #42 and #43.

@ekryski ekryski closed this Feb 7, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.