adonis-auth
Advanced tools
AdonisJs Auth is a fully featured authentication system for AdonisJs framework.
It supports by default multiple authentication schemes to authenticate HTTP requests.
In order to verify users credentials, it makes use of Serializers and below serializers are shipped with this library.
You are free to add your own schemes and serializers and documentation for same is written on the official website.
Configuration settings are slightly different for each scheme. When you define settings, we call them authenticators.
In short, an authenticator is a combination of scheme, serializer and common settings around them.
// config/auth.js
{
authenticator: 'session',
session: {
// ...
}
}
session: {
serializer: 'Lucid',
scheme: 'session',
model: 'App/Model/User',
uid: 'email',
password: 'password'
}
basicAuth: {
serializer: 'Lucid',
scheme: 'basic',
model: 'App/Model/User',
uid: 'email',
password: 'password'
}
jwt: {
serializer: 'Lucid',
scheme: 'jwt',
model: 'App/Model/User',
secret: Config.get('app.appKey')
}
Personal api tokens are like passwords for a given account. Majority of API's needs API based authentication because:
{
serializer: 'Lucid',
scheme: 'api',
model: 'App/Model/Token',
expiry: '30d'
}
Also you need to create the relationship between the user and the token, so that the Lucid serializer can make use of it.
// app/Model/User.js
class User extends Lucid {
apiTokens () {
return this.hasMany('App/Model/Token')
}
}
// app/Model/Token.js
class Token extends Lucid {
user () {
return this.belongsTo('App/Model/User')
}
}
In order to make use of the Auth provider, you need to register it inside your bootstrap/app.js file.
const providers = [
...,
'adonis-auth/providers/AuthManagerProvider'
]
Next you need to register the AuthInit middleware. This middleware will create a new instance of Auth Manager and will assign it to the request object.
// app/Http/kernel.js
const globalMiddleware = [
...,
'Adonis/Middleware/AuthInit'
]
and you are good to go. From here you can make use of request.auth to authenticate/login your users.
// find if a user is logged in
yield request.auth.check()
// attempt to login a user
yield request.auth.attempt('email', 'password')
// login using user object
yield request.auth.login(user)
yield request.auth.loginViaId(1)
yield request.auth.logout()
Auth provider also ships with an extra middleware, which can be assigned to your routes to authenticate them.
// app/Http/kernel.js
const namedMiddleware = {
auth: 'Adonis/Middleware/Auth'
}
and then inside your routes file you can do.
Route
.get('account', 'AccountsController.index')
.middleware('auth')
Route
.get('account', 'AccountsController.index')
.middleware('auth:basic')
In favor of active development we accept contributions for everyone. You can contribute by submitting a bug, creating pull requests or even improving documentation.
You can find a complete guide to be followed strictly before submitting your pull requests in the Official Documentation.
FAQs
Offical authentication provider for Adonis framework
We found that adonis-auth demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
OpenSSF has published OSPS Baseline, an initiative designed to establish a minimum set of security-related best practices for open source software projects.
Security News
Michigan TypeScript founder Dimitri Mitropoulos implements WebAssembly runtime in TypeScript types, enabling Doom to run after processing 177 terabytes of type definitions.
Security News
vlt's new "reproduce" tool verifies npm packages against their source code, outperforming traditional provenance adoption in the JavaScript ecosystem.