Provides authentication for DerbyJS projects
Provides authentication middleware (using Passport) for use in your Derby projects.
### Step 1: Set up derby-auth strategies and configurations

```javascript
var auth = require('derby-auth'),

    // Pass in actual Passport Strategy objects as well as their configurations (see )
    // Note: this means you'd need "passport-facebook" in your package.json file
    strategies = {
      facebook: {
        strategy: require('passport-facebook').Strategy,
        conf: { clientID: process.env.FACEBOOK_KEY, clientSecret: process.env.FACEBOOK_SECRET }
      }
    },

    // Pass in options. Domain defaults to localhost:3000, but consider it required
    // (It's a Passport technicality; if anyone has suggestions for determining domain at run-time, please message me)
    options = {
      domain: process.env.NODE_ENV === 'production' ? "" : ""
    };
```

### Step 2: Initialize the Store (queries, accessControl, etc.)

```javascript
// initialize queries and accessControl
auth.store(store);
```

### Step 3: Use derby-auth's mounted middleware

```javascript
// expressApp stands for your Express app instance
expressApp
    .use(store.modelMiddleware())
    // derby-auth.middleware is inserted after modelMiddleware and before the app router to pass server accessible data to a model
    .use(auth.middleware(strategies, options))
    .use(app.router())
```
Also, make sure your express app is using sessions:
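```javascript
// expressApp stands for your Express app instance; ONE_YEAR is assumed to be defined elsewhere (milliseconds)
expressApp
    // Uncomment and supply secret to add Derby session handling
    // Derby session middleware creates req.session and socket.io sessions
    .use(express.cookieParser())
    .use(store.sessionMiddleware({
        secret: process.env.SESSION_SECRET || 'YOUR SECRET HERE',
        cookie: { maxAge: ONE_YEAR }
    }))
```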
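A startup check for the environment variables the snippets above read (`NODE_ENV`, `SESSION_SECRET`, `FACEBOOK_KEY`, `FACEBOOK_SECRET`), added here as an example and not part of derby-auth. The names `checkAuthEnv` and `assertAuthEnv` and the 32-character minimum are assumptions; the sample environments are constructed.

```javascript
// Added example, not derby-auth code. Names and thresholds are assumptions.
const PLACEHOLDER_SECRET = 'YOUR SECRET HERE'; // fallback string used in the session snippet
const MIN_SECRET_LENGTH = 32;                  // assumed minimum; adjust to your policy

// Returns a list of { level, msg } findings for the given environment object.
function checkAuthEnv(env) {
  const problems = [];
  const production = env.NODE_ENV === 'production';
  const strict = production ? 'error' : 'warn';
  const secret = env.SESSION_SECRET;

  if (!secret) {
    // With the `||` fallback, an unset variable means session cookies are
    // signed with a string that is published in the documentation.
    problems.push({ level: strict, msg: 'SESSION_SECRET is unset; the placeholder fallback would be used' });
  } else if (secret === PLACEHOLDER_SECRET) {
    problems.push({ level: 'error', msg: 'SESSION_SECRET is the placeholder value' });
  } else if (secret.length < MIN_SECRET_LENGTH) {
    problems.push({ level: strict, msg: 'SESSION_SECRET is shorter than ' + MIN_SECRET_LENGTH + ' characters' });
  }

  // The facebook strategy conf in Step 1 reads both of these.
  for (const name of ['FACEBOOK_KEY', 'FACEBOOK_SECRET']) {
    if (!env[name]) problems.push({ level: strict, msg: name + ' is unset' });
  }
  return problems;
}

// Throws if any finding is an error; call before mounting the middleware.
function assertAuthEnv(env) {
  const errors = checkAuthEnv(env).filter(p => p.level === 'error');
  if (errors.length) {
    throw new Error('derby-auth config: ' + errors.map(p => p.msg).join('; '));
  }
  return true;
}

// Constructed sample environments (no real credentials).
const devEnv = { NODE_ENV: 'development' };
const prodEnv = { NODE_ENV: 'production', SESSION_SECRET: 'YOUR SECRET HERE',
                  FACEBOOK_KEY: 'constructed-app-id' };
console.log(checkAuthEnv(devEnv));  // three warnings
console.log(checkAuthEnv(prodEnv)); // two errors
```

In a real app, call `assertAuthEnv(process.env)` once at startup so a production deploy with a missing or placeholder secret fails before it serves requests.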
### Step 4 (optional, recommended)

If you want drop-in Login and Register forms, including form validation, use the `<derby-auth:login />` and `<derby-auth:register />` components. To enable these, you'll need this in your
See the example for more details, as well as login / registration forms, sign-in buttons, etc.
See my Workflowy
This project was originally implemented with Everyauth (see branch), but had some issues:
- Every provider had to be implemented individually in code. Passport has an abstraction layer, which is what allows us to pass in Strategy + conf objects in server/index.js for every provider we want enabled.
- Password authentication posed technical difficulties. See the Google Group discussion