Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Extract the jwt authentication to a local component for the auth migration example app #4753

3 of 4 tasks
jannyHou opened this issue Feb 26, 2020 · 2 comments
3 of 4 tasks


Copy link

jannyHou commented Feb 26, 2020


After creating the demo for JWT authentication in loopback4-shopping-example, and applied a similar auth system in loopback-example-access-control, we think it's time to extract the jwt authentication system into a separate extension package, so that:

  • jwt related services, bindings can be packed as a component
  • people can easily mount the component when they need a simple working authentication system, they can customize and enhance the system later
  • separating the component from example apps will give people a much more clear idea of what's the core of authentication

Use Cases

This extension will provide a basic jwt authentication system as a component. It's used when people want to see a demo of how to leverage an existing authentication strategy, or need a prototype of authentication to plugin and add code on it(like authorization).


In your application file, mount the authentication component like

// find a better name
import {JWT_AUTH_COMPONENT} from '@loopback/jwt-authentication-extension'
export class MyApplication extends BootMixin(
) {

Then you can secure controller endpoints with @authenticate('jwt').

Details to figure out by the story owner: how to provide the custom User model. Include it in the component? Or define it in the app and integrate it with the component?

Acceptance criteria

Copy link
Contributor Author

  • UPDATE: to simplify the story, let's first make it a local refactor for the auth migration example app: extract jwt authentication into a local component for it.

@jannyHou jannyHou changed the title Create an extension for jwt authentication Extract the jwt authentication to a local component for the auth migration example app Feb 27, 2020
@dhmlau dhmlau added this to the Mar 2020 milestone Feb 27, 2020
@jannyHou jannyHou self-assigned this Mar 4, 2020
Copy link
Contributor Author

jannyHou commented Mar 9, 2020

Closing it after 2 PR merged.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet

No branches or pull requests

2 participants