amphora-auth
Advanced tools
Readme
A module for Amphora to offer authentication in Clay.
First, install the module:
npm install -s amphora-auth
Then, call the module when setting up the routes for Amphora by passing the required parameters:
// Initialize auth module
amphoraAuth({
router // Site router
providers, // Authentication providers
store, // Redis Session Store
site, // Site metadata
storage, // DB instance
bus // Redis bus instance
});
This module provides local authentication in Clay with a username and password and allows for easy configuration of Oauth for authentication with third-party providers. Here's a list of the supported providers:
To get started editing in Clay, create a user account. The easiest way to do this is to create a user.yml file that looks like this:
_users:
- # Google User
username: <your full email address>
provider: google
auth: admin
- # Local User
username: myuser
password: mypassword
provider: local
auth: admin
And import the configuration using claycli:
cat user.yml | clay import -k <local_api_key> -y localhost
The following env variables are required in order to be able to authenticate a user through the providers:
export CLAY_PROVIDER=google
export TWITTER_CONSUMER_KEY=<TWITTER_CONSUMER_KEY>
export TWITTER_CONSUMER_SECRET=<TWITTER_CONSUMER_SECRET>
export GOOGLE_CONSUMER_KEY=<GOOGLE_CONSUMER_KEY>
export GOOGLE_CONSUMER_SECRET=<GOOGLE_CONSUMER_SECRET>
export SLACK_CONSUMER_KEY=<SLACK_CONSUMER_KEY>
export SLACK_CONSUMER_SECRET=<SLACK_CONSUMER_SECRET>
export COGNITO_CONSUMER_KEY=<COGNITO_CLIENT_ID>
export COGNITO_CONSUMER_SECRET=<COGNITO_SECRET>
export COGNITO_CONSUMER_DOMAIN=<COGNITO_AUTHENICATION_DOMAIN>
export COGNITO_CONSUMER_REGION=<COGNITO_INSTANCE_REGION>
export LDAP_URL=<LDAP_URL>
export LDAP_BIND_DN=<LDAP_BIND_DN>
export LDAP_BIND_CREDENTIALS=<LDAP_BIND_CREDENTIALS>
export LDAP_SEARCH_BASE=<LDAP_SEARCH_BASE>
export LDAP_SEARCH_FILTER=<LDAP_SEARCH_FILTER>
MIT
FAQs
An auth adapter for Amphora
We found that amphora-auth demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
CISA launched a new project called Vulnrichment to enrich CVEs with details that help prioritize patching and mitigation efforts, as the NVD backlog of unenriched CVEs awaiting analysis surpasses 10,000.
Security News
Socket is joining forces with CISA and other industry leaders at the RSA Conference to sign the Secure by Design pledge, committing to uphold the highest security standards in our products.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.