qipp-services-auth 
General
The auth provider offers an interface to init the authentication with the auth backend, to allow the consumption of the API and to renew the access if unauthorized.
Install
npm i qipp-services-authDiagram
auth.state
----------
+--------+ +-------------+ [inactive]
| | | |
| Client | 1. auth.init() | Auth Server | [pending]
| |<-----------------------+ |
| | GET csrf-token | | [handshake] or [failed]
| +--+ | |
| | | 2. auth.storeAccessTokenAndUserId() [authorized]
| |<-+ | |
| | | |
| | 3. λ API request | |
| +----------------------->| |
| | | |
| | 4. 401 unauthorized | |
| |<-----------------------+ |
| | | |
| | 5. auth.getNewAccessToken() |
| +<-----------------------+ | [authorized] or [failed]
| | client_id | |
| | | |
| | 6. λ API request | |
| +----------------------->| |
| | | |
+--------+ +-------------+
Angular usage
Use the init() method to get the csrf-token from the auth server:
authInside the promise fulfillment function, use the storeAccessTokenAndUserId() method:
authNote that the credentials must be provided as an object:
access_token: xxx user_id: yyy Then the client makes an API request.
This request is rejected as the access token is invalid or expired.
Use the getNewAccessToken() method which expects two arguments. The response argument is the returned promise from the initial http request. This method is internally used by the resource provider in the qipp-services-resource module to perform the same API request again:
authIf you don't want the API request to be performed again, the same method can also be called with a third boolean argument set to true (first and second arguments set to empty objects):
authTools
Linting with StandardJS
Please refer to the JavaScript Standard Style for general rules.
npm run lintUnit testing with Karma
npm testRequirements
Angular
- angular 1.5.2
Qipp modules
- qipp-services-io 1.0.1
- qipp-services-relay 1.0.0
- qipp-services-semaphore 1.0.2
- qipp-services-uuid 1.0.0
Licence
Released under the MIT license by qipp.