Skip to content

championswimmer/oneauth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

56 Commits

.idea

.idea

 
 

db

db

 
 

oauth

oauth

 
 

passport

passport

 
 

public_static

public_static

 
 

routers

routers

 
 

utils

utils

 
 

views

views

 
 

.bithoundrc

.bithoundrc

 
 

.codebeatignore

.codebeatignore

 
 

.codeclimate.yml

.codeclimate.yml

 
 

.gitignore

.gitignore

 
 

CHANGELOG.md

CHANGELOG.md

 
 

README.md

README.md

 
 

config.json

config.json

 
 

package.json

package.json

 
 

secrets-sample.json

secrets-sample.json

 
 

server.js

server.js

 
 

yarn.lock

yarn.lock

 
 

Repository files navigation

oneauth

Code Climate bitHound Code bitHound Dependencies CodeFactor codebeat badge

Flattr this git repo

Installation

Step 1 : Database Setup

Step 2 : Deploy

OAuth2 Server Usage

oneauth is an OAuth2 server, that you can consume

A few terms to remember -

Term Definition
auth token A token, used in lieu of user+password credentials, to make API requests
grant code A code that can be exchanged for a auth token
client id Unique identifier for each client
client secret A secret key, to be used to exchange codes for tokens

Grant Code Flow (frontend + backend clients)

This will get you a grant code (that can be exchanged for an auth token). Redirect the user to the below URL on the frontend

GET
http://localhost:3838/oauth/authorize?
        response_type=code
    &   client_id=9990781661
    &   redirect_uri=http://hackerblocks.com/callback

Then from your backend get the auth token

POST
http://localhost:3838/oauth/token
        client_id=9990781661
    &   redirect_uri=hackerblocks.com/authback
    &   client_secret=ZyTe3zCR67REHND7CHa9zH39NllvLWYULCedocZDLaCkSVTA7GGE1s1Hjrgkos09
    &   grant_type=authorization_code
    &   code=MyiLDqJwTpzEXqYOG1jNFCtjEzYHAR4U

Retrieve the bearer token from the response body

Ensure you do not leak client secret to the frontend

Implicit Auth Token Flow (pure frontend clients)

This will get you a bearer token straight away on frontend

GET
http://localhost:3838/oauth/authorize?
        response_type=token
    &   client_id=9990781661
    &   redirect_uri=http://hackerblocks.com/callback

Retrive the bearer token from the URL

Oauth2 Consumer Usage

oneauth is also an OAuth2 consumer, so users can link other accounts they have on Facebook/Twitter/Google etc

Pages

/login

Existing user login

/signup

New user signup

/user/me

User profile data of logged in user

/user/{userid}

User profie data (only public data) of any user

/clients

All clients created by currently logged in user

/clients/{clientid}

Details of the client (given the user who owns it is logged in)

Credits

Libraries Used

This is built upon the insanely useful and easy to use Oauth2 libraries built by jaredhanson from auth0

Inspirations

We built this at @coding-blocks looking at a similar solution hasgeek has here - http://github.com/hasgeek/lastuser We made our own, instead of using lastuser, because (a) the documentation was a little lacking on lastuser, and (b) we were more comfortable on a NodeJS+Postgres based stack.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

2 stars

Watchers

3 watching

Forks

173 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages