Provides authentication middleware (using Passport) for use in your Derby projects.
Setup derby-auth strategies and configurations
varauth =// Pass in actual Passport Strategy objects as well as their configurations (see )// Note: this means you'd need "passport-facebook" in your package.json filestrategies =facebook:strategy: Strategyconf: clientID: processenvFACEBOOK_KEY clientSecret: processenvFACEBOOK_SECRET// Pass in options. Domain defaults to localhost:3000, but consider it required// (It's a Passport technicality, if anyone has suggestions for determining domain on run-time, please message me)options =domain: processenvNODE_ENV==='production' ? "" : ""
Initialize the Store (queries, accessControl, etc)
// initialize queries and accessControlauth;
Use derby-auth's mounted middleware
// derby-auth.middleware is inserted after modelMiddleware and before the app router to pass server accessible data to a model
Also, make sure your express app is using sessions:
# Uncomment and supply secret to add Derby session handling# Derby session middleware creates reqsession and socketio sessions
Step 4 (optional, recommended)
If you want drop-in Login and Register forms, including form validation, use the
<derby-auth:login /> and
<derby-auth:register /> components. To enable these, you'll need this in your
See the example for more details, as well as login / registration forms, sign-in buttons, etc.
See my Workflowy
Why not EveryAuth?
This project was originally implemented with Everyauth (see branch), but had some issues:
- Every provider had to be implemented individually in code. Passport has an abstraction layer, which is what allows us to pass in Strategy + conf objects in server/index.js for every provider we want enabled.
- Password authentication posed technical difficulties. See the Google Group discussion