Authentication feature for @x/socket
The top level configuration must contain a secret property containing the value to hash JWT tokens with. It can also
contain a property called anonymous that requires authentication for all API functions when set to false.
import authFeature from '@x/socket.auth'
host.useFeature(auth({
secret: 'xxx',
anonymous: false
}))The consumer feature should also be loaded to enable persistent logins and other optimisations.
The auth0 configuration node can contain the following properties:
const options = {
auth0: {
domain: 'username.au.auth0.com'
}
}The cognito provider only requires configuration on the host and can contain the following properties:
const options = {
cognito: {
domain: 'app-domain',
region: 'ap-southeast-2',
clientId: '<clientId>',
appSecret: '<appSecret>',
userPoolId: 'ap-southeast-2_nnnnnnnnn',
redirectUri: 'http://localhost:3001/loggedIn',
}
}No additional configuration is required for the Facebook provider. The facebook configuration node can simply be set
to true.
const options = {
facebook: true
}No additional configuration is required for the password provider. The password configuration node can simply be set
to true.
const options = {
password: true
}Adds the following functions to the @x/socket API surface:
payload must contain a property called provider that is one of
auth0, cognito, facebook or password. Other properties depend on which provider is being
used.
| Property | Description |
|---|---|
| facebookToken | A valid JWT token issued by facebook, as returned from a successful login attempt |
| token | A valid JWT token issued by @x/socket |
| Property | Description |
|---|---|
| auth0Token | A valid JWT token issued by Auth0, as returned from a successful login attempt |
| token | A valid JWT token issued by @x/socket |
| Property | Description |
|---|---|
| code | The authentication code issued by Cognito, as returned from a successful login attempt |
| token | A valid JWT token issued by @x/socket |
Note that the Cognito provider also exposes a login API function that completes the entire login flow using the
hosted UI.
| Property | Description |
|---|---|
| username | Unique identifier for the user |
| password | Password to authenticate with |
| token | A valid JWT token issued by @x/socket |
Returns an observable containing an object with the following properties:
| Property | Description |
|---|---|
| authenticated | True if the user is authenticated |
| user | The user object, if authenticated |
The following functions are also available when using the password provider:
Only sms verification type is currently supported, provided by Twilio.
The MIT License (MIT)
Copyright © 2022 Dale Anderson
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.