A complete authentication plugin for Angel. Inspired by Passport.
Ensure you have read the wiki.
configureServer(Angel app) async {
var auth = new AngelAuth();
auth.serializer = ...;
auth.deserializer = ...;
auth.strategies['local'] = new LocalAuthStrategy(...);
// POST route to handle username+password
app.post('/local', auth.authenticate('local'));
// Use a comma to try multiple strategies!!!
//
// Each strategy is run sequentially. If one succeeds, the loop ends.
// Authentication failures will just cause the loop to continue.
//
// If the last strategy throws an authentication failure, then
// a `401 Not Authenticated` is thrown.
var chainedHandler = auth.authenticate(
['basic','facebook'],
authOptions
);
// Apply angel_auth-specific configuration
await app.configure(auth.configureServer);
// Middleware to decode JWT's...
app.use(auth.decodeJwt);
}
A frequent use case within SPA's is opening OAuth login endpoints in a separate window.
angel_client
provides a facility for this, which works perfectly with the default callback provided
in this package.
configureServer(Angel app) async {
var handler = auth.authenticate(
'facebook',
new AngelAuthOptions(callback: confirmPopupAuthentication()));
app.get('/auth/facebook', handler);
// Use a comma to try multiple strategies!!!
//
// Each strategy is run sequentially. If one succeeds, the loop ends.
// Authentication failures will just cause the loop to continue.
//
// If the last strategy throws an authentication failure, then
// a `401 Not Authenticated` is thrown.
var chainedHandler = auth.authenticate(
['basic','facebook'],
authOptions
);
}
This renders a simple HTML page that fires the user's JWT as a token
event in window.opener
.
angel_client
exposes this as a Stream:
app.authenticateViaPopup('/auth/google').listen((jwt) {
// Do something with the JWT
});
scopes
to ExternalAuthOptions
.ExternalAuthOptions
.successRedirect
was previously explicitly returning a 200
; remove this and allow the default 302
.null
return in authenticate
+ failureRedirect
.options
on AuthStrategy.authenticate
.AuthStrategy
generic.AngelAuth.strategies
is now a Map<String, AuthStrategy<User>>
.AuthStrategy.canLogout
.AngelAuthTokenCallback
generic.dart2_constant
.requireAuth
.userKey
, instead favoring generic parameters.requireAuth
, in favor of requireAuthentication
.userKey
.middlewareName
.LocalAuthStrategy
from correctly propagating the authenticated user when
using Basic
auth.tokenCallback
is called.logout
to properly erase cookiesauthenticate
returns the current user, if one is present._apply
now always sends a token
cookie.protectCookie
to only send maxAge
when it is not -1
.protectCookie
, to better protect data sent in cookies.LocalAuthStrategy
returns true
on Basic
authentication.LocalAuthStrategy
's handling of Basic
authentication.example/example.dart
import 'dart:async';
import 'package:angel_auth/angel_auth.dart';
import 'package:angel_framework/angel_framework.dart';
import 'package:angel_framework/http.dart';
main() async {
var app = new Angel();
var auth = new AngelAuth<User>();
auth.serializer = (user) => user.id;
auth.deserializer = (id) => fetchAUserByIdSomehow(id);
// Middleware to decode JWT's and inject a user object...
app.fallback(auth.decodeJwt);
auth.strategies['local'] = new LocalAuthStrategy((username, password) {
// Retrieve a user somehow...
// If authentication succeeds, return a User object.
//
// Otherwise, return `null`.
});
app.post('/auth/local', auth.authenticate('local'));
var http = new AngelHttp(app);
await http.startServer('127.0.0.1', 3000);
print('Listening at http://127.0.0.1:3000');
}
class User {
String id, username, password;
}
Future<User> fetchAUserByIdSomehow(id) async {
// Fetch a user somehow...
throw new UnimplementedError();
}
Add this to your package's pubspec.yaml file:
dependencies:
angel_auth: ^2.1.1
You can install packages from the command line:
with pub:
$ pub get
with Flutter:
$ flutter packages get
Alternatively, your editor might support pub get
or flutter packages get
.
Check the docs for your editor to learn more.
Now in your Dart code, you can use:
import 'package:angel_auth/angel_auth.dart';
Version | Uploaded | Documentation | Archive |
---|---|---|---|
2.1.1 | Jan 5, 2019 |
|
|
2.1.0 | Jan 4, 2019 |
|
|
2.0.4 | Dec 31, 2018 |
|
|
2.0.3 | Dec 9, 2018 |
|
|
2.0.2 | Nov 9, 2018 |
|
|
2.0.1 | Sep 12, 2018 |
|
|
2.0.0+1 | Sep 12, 2018 |
|
|
2.0.0 | Sep 11, 2018 |
|
|
1.2.0 | Jul 12, 2018 |
|
|
1.1.1+6 | Jul 10, 2018 |
|
|
Popularity:
Describes how popular the package is relative to other packages.
[more]
|
80
|
Health:
Code health derived from static analysis.
[more]
|
100
|
Maintenance:
Reflects how tidy and up-to-date the package is.
[more]
|
100
|
Overall:
Weighted score of the above.
[more]
|
90
|
We analyzed this package on Feb 14, 2019, and provided a score, details, and suggestions below. Analysis was completed with status completed using:
Detected platforms: Flutter, other
Primary library:
package:angel_auth/angel_auth.dart
with components:io
.
Package | Constraint | Resolved | Available |
---|---|---|---|
Direct dependencies | |||
Dart SDK | >=2.0.0-dev <3.0.0 | ||
angel_framework | ^2.0.0-alpha | 2.0.0-alpha.22 | |
charcode | ^1.0.0 | 1.1.2 | |
collection | ^1.0.0 | 1.14.11 | |
crypto | ^2.0.0 | 2.0.6 | |
http_parser | ^3.0.0 | 3.1.3 | |
meta | ^1.0.0 | 1.1.7 | |
quiver_hashcode | ^2.0.0 | 2.0.0 | |
Transitive dependencies | |||
angel_container | 1.0.0 | ||
angel_http_exception | 1.1.0 | ||
angel_model | 1.0.1 | ||
angel_route | 3.0.5 | ||
code_buffer | 1.0.1 | ||
combinator | 1.1.0 | ||
convert | 2.1.1 | ||
dart2_constant | 1.0.2+dart2 | ||
file | 5.0.7 | ||
http2 | 1.0.0 | ||
http_server | 0.9.8+1 | ||
intl | 0.15.7 | ||
matcher | 0.12.4 | ||
merge_map | 1.0.2 | ||
mime | 0.9.6+2 | ||
mock_request | 1.0.5 | ||
path | 1.6.2 | ||
quiver | 2.0.1 | ||
source_span | 1.5.4 | ||
stack_trace | 1.9.3 | ||
string_scanner | 1.0.4 | ||
term_glyph | 1.1.0 | ||
tuple | 1.0.2 | ||
typed_data | 1.1.6 | ||
uuid | 2.0.0 | ||
Dev dependencies | |||
http | ^0.12.0 | ||
io | ^0.3.2 | ||
logging | ^0.11.0 | 0.11.3+2 | |
pedantic | ^1.0.0 | ||
test | ^1.0.0 |