vue-simple-auth
Very flexible and easily customizable authorization module using jwt token. It has SSR support.
vue-router-auth is used to configure routes.
If you find an error, incorrect behavior please open the corresponding
issue.
Please also rate this repository. 😊
✌️ Setup
$ npm i vue-simple-auth; ;📖 Usage
;; { const cookies = ssrContext ? ssrContextreqheaderscookie : ; const config = ...; await ;};⚠️ Important!
During initialization, you should already have an http client installed. That is, Vue.prototype.$axios or Vue.prototype.$http should already exist.
In the example above, there are two obscure points: 1. cookies, 2. Asynchronous initialization function.
1. Cookies are necessary for us for SSR. Therefore, we transfer a universal object of interaction with cookies to the module.
It could be another dependency, not necessarily a universal-cookie.
2. During initialization, the module will try to authorize the user if a jwt token is present in cookies.
Therefore, the initialization function is asynchronous.
Where the project should call the initialization function depends on the project itself and this decision remains at your discretion.
The main thing is to pass the required parameters to the initialization function: router, store, cookies, config.
After initialization, we get access to this.$auth from any component.
Login
{ return loading: false ; } methods: async { thisloading = true; await this$auth; thisloading = false; } The login method accepts credentials and returns a Promise. This action takes place in two stages:
- A request to receive a jwt token.
- Request for user data $auth.loginByToken, saving user data in the store.
Login by token
methods: async { await this$auth; } This method makes a request for user data. If the request is successful, it saves the token using the $auth.rememberToken method and saves the user data to the store.
Logout
methods: async { await this$auth; } Sends a logout request (if specified in config), then using the $auth.localLogout method removes the user from the repository and forgets the token.
Local logout
methods: { this$auth; } Deletes a token using the $auth.forgetToken method and remove user data from store.
Remember token
methods: { this$auth; } Saves the token in cookies and adds the header in the HTTP client(axios, vue-resource).
Forget token
methods: { this$auth; } Removes the token from cookies and the header in the http client.
Fetch user
methods: async { await this$auth; } Updating user data from the server.
Auth store
$auth.user - Local user data storage.
$auth.token - Current token.
$auth.loggedIn - Flag indicating whether the user is authorized or not.
⚙️ Customization
default config:
httpClient: 'axios' watchLoggedIn: true cookies: path: '/' token: name: 'Authorization' type: 'Bearer' vuex: namespace: '$auth' redirect: routes: auth: '/profile' guest: '/' queryFrom: 'from' $authloggedIn endpoints: authenticate: method: 'post' url: '/auth/login' property: 'access_token' user: method: 'get' url: '/auth/user' logout: false strategyWhen initializing the module, you can specify the following settings:
httpClient
Type: String|Object. Default: 'axios'.
Сlient with the help of which HTTP requests will be sent.
May be 'axios' or 'http'. If http is specified, vue-resource will be used.
You can also configure your own custom HTTP client and specify an object in this field. This feature may be necessary if you need a specific setting of headers and a reaction to a 401 error. See code for details.
watchLoggedIn
Type: Boolean. Default: true.
If set to true, then with login and logout, a redirect to the routes specified in the settings will automatically occur.
cookies
Type: Object. Default: { path: '/' }.
Cookies settings.
token
Type: Object. Default: { name: 'Authorization', type: 'Bearer' }.
Token save settings.
vuex
Type: Object. Default: { namespace: '$auth' }.
Using the namespace field, you can rename the module to vuex.
redirect
Type: Object.
This option is designed to redirect the user and close routes.
To better understand it, see this plugin: vue-router-auth
routes - routes config from vue-router-auth.
guard - guard config from vue-router-auth.
queryFrom (default: 'from') - If there is a from key in the quere parameter, then after authorization, redirection will be made to it. Only works with the watchLoggedIn option enabled.
endpoints
Type: Object.
This option is used to indicate where to send requests and what data to expect in response.
property option can be specified as follows: 'data.foo.user'.
strategy
default strategy:
async { const method = configendpointsauthenticatemethod const url property = configendpointsauthenticate const data = await httpClientinstancemethodurl credentials return } async { const method = configendpointsusermethod const url property = configendpointsuser const data = await httpClientinstancemethodurl return ; } async { const method = configendpointsusermethod; configendpointslogout ? await httpClientinstancemethodconfigendpointslogouturl : await Promise; } { const name type = configtoken; const tokenString = type ? ` ` : token; cookies; httpClient; } { const name = configtoken; cookies; httpClient; }Type: Object.
You can also change or completely replace the module strategy.
👀 Examples
close route
path: '/account' import'layouts/Auth.vue' meta: auth: access: true see more vue-router-auth
redirect.queryFrom
path: '/account' import'layouts/Auth.vue' meta: auth: access: true path: '/login' query: from: topath In the example above, if the user is not authorized and tries to go to the /account route, he will be redirected on /login with the from parameter. And when the user logs in, he redirects to the route specified in query.from in priority. Only works with the watchLoggedIn option enabled.
strategy
;; { const cookies = ssrContext ? ssrContextreqheaderscookie : ; const config = // ... strategy: { // custom logic. } ; await ;};