-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
12 additions
and
11 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,4 +1,5 @@ | ||
| #loopback-example-user-management | ||
| # loopback-example-user-management | ||
|
|
||
| ``` | ||
| $ git clone [email protected]:strongloop/loopback-example-user-management.git | ||
| $ cd loopback-example-user-management | ||
|
|
@@ -13,49 +14,49 @@ $ node . | |
| - [How do you log out a user?](https://github.com/strongloop/loopback-example-user-management#how-do-you-log-out-a-user) | ||
| - [How do you perform a password reset for a registered user](https://github.com/strongloop/loopback-example-user-management#how-do-you-perform-a-password-reset-for-a-registered-user) | ||
|
|
||
| ######Notes | ||
| ###### Notes | ||
| - You will need to [configure LoopBack to send email](https://docs.strongloop.com/display/public/LB/Email+connector) for email related features | ||
| - If you're using GMail, you can simply [replace the user and pass](https://github.com/strongloop/loopback-example-user-management/blob/master/server/datasources.json#L19-L20) with your own credentials. | ||
| - With GMail, you might need to temporarily allow "less secure" apps to access you email account. See [Allowing less secure apps to access your account](https://support.google.com/accounts/answer/6010255) for more information. | ||
|
|
||
| #Project Layout | ||
| ## Project Layout | ||
| - `common/models` contains the extended user files. `user.js` contains user the logic for sending emails and password reset, while `user.json` contains the model definition. | ||
| - `server/boot/authentication.js` enables authentication middleware with the `enableAuth()` method. It's this middleware that finds the access token id string (usually from the query string) and appends entire token instance onto the express request object as `req.accessToken`. From there, you can find the user's ID: `req.accessToken.userId` (used in the `routes.js` file, see directly below). | ||
| - `server/boot/routes.js` contains all the routing logic. In this example, we have used [ExpressJS](http://expressjs.com/) to configure the routing since each LoopBack app is an extended version of an Express app. | ||
| - `server/views`contains all the views (or pages) rendered by Express using the [EJS templating framework](http://www.embeddedjs.com/) | ||
| - `server/datasources.json` contains the datasource configurations. Here is where we add an email datasource. | ||
| - `server/model-config.json` contains the all the model configurations. Here is where we configure the extended user model (lowercase 'u') and the email model. The rest of the models are all built-in LoopBack models. | ||
|
|
||
| ######Note | ||
| ###### Note | ||
| All other files have not been modified from their defaults. | ||
|
|
||
| #How do you register a new user? | ||
| ## How do you register a new user? | ||
| 1. Create a [form](https://github.com/strongloop/loopback-example-user-management/blob/master/server/views/login.ejs#L21-L36) to gather sign up information | ||
| 2. Create a [remote hook](https://github.com/strongloop/loopback-example-user-management/blob/master/common/models/user.js#L5-L35) to [send a verification email](https://github.com/strongloop/loopback-example-user-management/blob/master/common/models/user.js#L9-L34) | ||
|
|
||
| ######Notes | ||
| ###### Notes | ||
| - Upon execution, [`user.verify`](https://github.com/strongloop/loopback-example-user-management/blob/master/common/models/user.js#L19) sends an email using the provided [options](https://github.com/strongloop/loopback-example-user-management/blob/master/common/models/user.js#L9-L17) | ||
| - The verification email is configured to [redirect the user to the `/verified` route](https://github.com/strongloop/loopback-example-user-management/blob/master/common/models/user.js#L15) in our example. For your app, you should configure the redirect to match your use case | ||
| - The [options](https://github.com/strongloop/loopback-example-user-management/blob/master/common/models/user.js#L9-L17) are self-explanitory except `type`, `template` and `user` | ||
| - `type` - value must be `email` | ||
| - `template` - the path to the template to use for the verification email | ||
| - `user` - when provided, the information in the object will be used in the verification link email | ||
|
|
||
| #How do you send an email verification for a new user registration? | ||
| ## How do you send an email verification for a new user registration? | ||
| See [step 2](https://github.com/strongloop/loopback-example-user-management#how-do-you-register-a-new-user) in the previous question | ||
|
|
||
| #How do you log in a user? | ||
| ## How do you log in a user? | ||
| 1. Create a [form to accept login credentials](https://github.com/strongloop/loopback-example-user-management/blob/master/server/views/login.ejs#L2-L17) | ||
| 2. Create an [route to handle the login request](https://github.com/strongloop/loopback-example-user-management/blob/master/server/boot/routes.js#L20-L41) | ||
|
|
||
| #How do you log out a user? | ||
| ## How do you log out a user? | ||
| 1. Create a [logout link with the access token embedded into the URL](https://github.com/strongloop/loopback-example-user-management/blob/master/server/views/home.ejs#L4) | ||
| 2. Call [`User.logout`](https://github.com/strongloop/loopback-example-user-management/blob/master/server/boot/routes.js#L45) with the access token | ||
|
|
||
| ######Notes | ||
| ###### Notes | ||
| - We use the LoopBack token middleware to process access tokens. As long as you provide `access_token` in the query string of URL, the access token object will be provided in `req.accessToken` property in your route handler | ||
|
|
||
| #How do you perform a password reset for a registered user? | ||
| ## How do you perform a password reset for a registered user? | ||
| 1. Create a [form to gather password reset info](https://github.com/strongloop/loopback-example-user-management/blob/master/server/views/login.ejs#L40-L51) | ||
| 2. Create an [endpoint to handle the password reset request](https://github.com/strongloop/loopback-example-user-management/blob/master/server/boot/routes.js#L52-L66). Calling `User.resetPassword` ultimately emits a `resetPasswordRequest` event and creates a temporary access token | ||
| 3. Register an event handler for the `resetPasswordRequest` that sends an email to the registered user. In our example, we provide a [URL](https://github.com/strongloop/loopback-example-user-management/blob/master/common/models/user.js#L40-L41) that redirects the user to a [password reset page authenticated with a temporary access token](https://github.com/strongloop/loopback-example-user-management/blob/master/server/boot/routes.js#L68-L74) | ||
|
|
||