Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@lcgroup.core/auth

Package Overview
Dependencies
Maintainers
4
Versions
8
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@lcgroup.core/auth

Authentication module

  • 9.0.0
  • latest
  • npm
  • Socket score

Version published
Weekly downloads
3
Maintainers
4
Weekly downloads
 
Created
Source

@lcgroup.core/auth

AuthModule allows to add authentication/authorization mechanism (based on security token service) to your project.

Features

  • JWT integration
  • Custom user support
  • Extensibility auth logic (Custom auth service support)
  • Available two ways of token storage - via localstorage (by default) or cookie

Setup

AuthModule works in pair with JwtModule.

Setup example:

    export function jwtOptionsFactory(authTokenService: AuthTokenService) {
        return {
            tokenGetter: () => {
                return authTokenService.getToken();
            },
            allowedDomains: environment.allowedDomains
        };
    }
    // ...
    JwtModule.forRoot({
        jwtOptionsProvider: {
            provide: JWT_OPTIONS,
            useFactory: jwtOptionsFactory,
            deps: [AuthTokenService]
        }
    }),
    AuthModule.forRoot({
        stsParams: {
            client_id: 'your_client_id',
            client_secret: 'some_secret',
            scope: 'your scopes divided with space'
        },
        tokenEndpoint:
            environment.identityServerUrl + AUTH_OPTIONS_DEFAULTS.tokenEndpoint 
    })

Options:

export interface AuthOptions<T> {
    userType?: new() => T; // User class. default: User
    tokenName?: string; // token storage name. default: 'access_token'
    tokenEndpoint?: string; // token endpoint url. default: '/identity/connect/token'
    stsParams?: OAuthParams;
}
export interface OAuthParams {
   scope: string;
   client_id: string;
   client_secret: string;
}

It is possible to use custom user that extends class User:

export class CustomUser extends User {
  public custom_claim: string;
}

To access the claim display mode, you need to pass the enableDevHotkey parameter:

    AuthModule.forRoot({
        ...,
        { enableDevHotkey: true }
    })

To enable the mode, press the key combination Ctrl+F7.

Usage

AuthService

AuthService is the main part of authentication and authorization control.

@Inject(AUTH_SERVICE) private authService: AuthService<User>
login(login: string, password: string): Observable<T> // http call for login and update user
logout(): T // logout (clear store and update user$)
authorize(claim: string | string[] = null) // check user claims
getUser(): T // current user entity from store

user$:  BehaviorSubject<T>; // automatically updating user entity

Authorize directive

Checks user claims and removes inner html if user hasn't got specified claim:

<li routerLinkActive="active" *authorize="'app.debtors'">
    content
</li>

You might want to hide content for anonymous users:

<li routerLinkActive="active" *authorize>
    content
</li>

AuthorizeControl directive

Checks user claims and set 'disabled' attribute for button/input/form, etc.

<button type="button" authorizeControl="users:roles_EDIT">
    Button
</button>

Checks user claims and set 'disabled' attribute and styles (pointer-events, opacity) for span/i

<span authorizeControl="users:list_EDIT">
    X
</span>

You must handle http statuses by your own. It's project specific. Implement HttpInterceptor and provide it.

reason: https://limezaim.atlassian.net/browse/KRNL-22

@Injectable()
export class AuthInterceptor implements HttpInterceptor {
    constructor(
        private injector: Injector // https://github.com/angular/angular/issues/18224
    ) { }

    intercept(req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
        const authService = this.injector.get(AUTH_SERVICE);
        const router = this.injector.get(Router);
        return next.handle(req)
            .catch(error => {
                if (error && error.status === 401) {
                    authService.logout();
                    router.navigateByUrl('/');
                }
                return throwError(error);
            });
    }
}

{
    provide: HTTP_INTERCEPTORS,
    useClass: AuthInterceptor,
    multi: true
}

Custom AuthService implementation example

class CustomAuthService<T extends User> extends AuthService<T> {

    private logoutStatus = false;

    constructor (
        authApi: AuthApiService,
        authTokenService: AuthTokenService,
        jwtHelperService: JwtHelperService,
        @Inject(AUTH_OPTIONS) options: AuthOptions<T>
      ) {
        super(authApi, authTokenService, jwtHelperService, options);
    }

    get getLogoutStatus(): boolean {
        return this.logoutStatus;
    }

    logout() {
      const logoutResult = super.logout();
      this.logoutStatus = true;
      return logoutResult;
    }
}
    AuthModule.forRoot({ userType: User }, CustomAuthService)
    npm install ngx-cookie@^4.1.2

Commands

Tests

npm run test npm run test:watch

Build

npm run build

Release

npm run release

Keywords

FAQs

Package last updated on 23 Jan 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc