adonis-auth

AdonisJs Auth is a fully featured authentication system for AdonisJs framework.
It supports by default multiple authentication schemes to authenticate HTTP requests.

• Sessions
• Basic-Auth
• JSON Web Token
• API Token

In order to verify users credentials, it makes use of Serializers and below serializers are shipped with this library.

• Lucid
• Database Provider

You are free to add your own schemes and serializers and documentation for same is written on the official website.

Table of Contents

• Config
• Setup
• Team Members
• Contribution Guidelines

## Config

Configuration settings are slightly different for each scheme. When you define settings, we call them authenticators.

In short, an authenticator is a combination of scheme, serializer and common settings around them.

Example

// config/auth.js
{
  authenticator: 'session',

  session: {
    // ...
  }
}

Session

session: {
  serializer: 'Lucid',
  scheme: 'session',
  model: 'App/Model/User',
  uid: 'email',
  password: 'password'
}

Basic Auth

basicAuth: {
  serializer: 'Lucid',
  scheme: 'basic',
  model: 'App/Model/User',
  uid: 'email',
  password: 'password'
}

JSON Web Token

jwt: {
  serializer: 'Lucid',
  scheme: 'jwt',
  model: 'App/Model/User',
  secret: Config.get('app.appKey')
}

API Token

Personal api tokens are like passwords for a given account. Majority of API's needs API based authentication because:

• Their customers developers want to use the API in order to build something.
• Sharing account details with the developer is never secure, so instead they can generate a token and give it to the developer for testing.

{
  serializer: 'Lucid',
  scheme: 'api',
  model: 'App/Model/Token',
  expiry: '30d'
}

Also you need to create the relationship between the user and the token, so that the Lucid serializer can make use of it.

// app/Model/User.js
class User extends Lucid {

  apiTokens () {
    return this.hasMany('App/Model/Token')
  }

}

// app/Model/Token.js
class Token extends Lucid {

  user () {
    return this.belongsTo('App/Model/User')
  }

}

## Setup

In order to make use of the Auth provider, you need to register it inside your bootstrap/app.js file.

Required Setup

const providers = [
  ...,
  'adonis-auth/providers/AuthManagerProvider'
]

Next you need to register the AuthInit middleware. This middleware will create a new instance of Auth Manager and will assign it to the request object.

// app/Http/kernel.js
const globalMiddleware = [
  ...,
  'Adonis/Middleware/AuthInit'
]

and you are good to go. From here you can make use of request.auth to authenticate/login your users.

Usage

// find if a user is logged in
yield request.auth.check()

// attempt to login a user
yield request.auth.attempt('email', 'password')

// login using user object
yield request.auth.login(user)
yield request.auth.loginViaId(1)
yield request.auth.logout()

Automatic Authentication

Auth provider also ships with an extra middleware, which can be assigned to your routes to authenticate them.

// app/Http/kernel.js
const namedMiddleware = {
  auth: 'Adonis/Middleware/Auth'
}

and then inside your routes file you can do.

Using default authenticator

Route
  .get('account', 'AccountsController.index')
  .middleware('auth')

Defining authenticator

Route
  .get('account', 'AccountsController.index')
  .middleware('auth:basic')

## Team Members

• Harminder Virk (Caffiene Blogging) virk.officials@gmail.com

## Contribution Guidelines

In favor of active development we accept contributions for everyone. You can contribute by submitting a bug, creating pull requests or even improving documentation.

You can find a complete guide to be followed strictly before submitting your pull requests in the Official Documentation.