Skip to content
This repository has been archived by the owner on Dec 29, 2018. It is now read-only.

Server and client utils for implementing popup-based authentication flows

License

Notifications You must be signed in to change notification settings

feathersjs-ecosystem/feathers-authentication-popups

Repository files navigation

feathers-authentication-popups

Unmaintained: This project is no longer maintained

Greenkeeper badge

Build Status Code Climate Test Coverage Dependency Status Download Status Slack Status

Server and client utils for implementing popup-based authentication flows

Summary

This package includes a few useful tools for implementing popup-based OAuth login flows. It contains utility functions for the browser and middleware for the server.

Using the Client Utils

There are two client utilities: one to assist with opening popups, and another to assist in cross-window communication.

openLoginPopup(url, options)

Opens a centered popup window at the given url.

import openLoginPopup from 'feathers-authentication-popups';

openLoginPopup('/auth/github');
  1. url {String}: The URL of the new window.
  2. options {Object}: optional - allows for customizing the width and height of the popup window.

The default options are:

  • width: 1024,
  • height: 630

authAgent

An EventEmitter automatically assigned as a global at window.authAgent to allow popup windows to send information back to the main window. Both windows must be on the same domain for this to work.

Usage in the primary application window:

// Adds
import 'feathers-authentication-popups';

function doSomethingWithToken (token) {
	// Do something with the token
}

window.authAgent.on('login', doSomethingWithToken);

The doSomethingWithToken function will run when the 'login' event is emitted on window.authAgent.

Usage in the popup window on the same domain:

var token = readCookie('feathers-jwt');

// Trigger the 'login' event on the main window's `authAgent`
window.opener.authAgent.emit('login', token);

authAgent.on(eventName, handler)

Adds an event listener to the authAgent whose handler runs every time the event with given eventName is triggered.

  1. eventName {String}: The name of the event to subscribe to.
  2. handler {Function}: A function to be executed to handle the event.

authAgent.once(eventName, handler)

Adds an event listener to the authAgent whose handler runs only once when the event with given eventName is triggered.

  1. eventName {String}: The name of the event to subscribe to.
  2. handler {Function}: A function to be executed to handle the event.

authAgent.off(eventName, handler)

Removes a handler function from the authAgent

  1. eventName {String}: The name of the event to unsubscribe from.
  2. handler {Function}: A reference to a previously-subscribed function to be unsubscribed.

authAgent.emit(eventName, args)

Triggers the event attached to the provided eventName and calls the subscribed handlers with the args.

  1. eventName {String}: The name of the event to trigger.
  2. args {any}: arguments to be passed to event handlers, usually authentication-related information (like a JSON Web Token).

Using the Express Middleware

The Express middleware is meant to be registered as the success callback of a Feathers authentication workflow.

successHandler(options|cookieName)

Creates Express middleware that handles successful auth by returning an HTML page that:

  • Pulls the token from the cookie location.
  • Sends the token to the parent window through the authAgent.
  • Closes the popup window.
var successHandler = require('feathers-authentication-popups/express');

// Pass an object containing a `name` attribute.
var options = app.get('cookie');
app.get('/auth/success', successHandler(options));

// Or pass a string for the cookie name.
app.get('/auth/success', successHandler('feathers-jwt'));
  1. options {Object}: An object with a name attribute.
  2. cookieName {String}: The cookie name.

License

Copyright (c) 2016

Licensed under the MIT license.

About

Server and client utils for implementing popup-based authentication flows

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published