Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
angular-lock
Advanced tools
Readme
This module provides a thin wrapper for version 11 of Auth0's Lock widget.
Note: angular-lock version 2.0 is meant to be used with Auth0Lock version 11.16.2 or higher. Please ensure you have auth0.js v8 or higher loaded as well.
Bower
bower install angular-lock
Ensure that both Auth0Lock and angular-lock are loaded on the page.
<script src="bower_components/auth0-lock/build/lock.js"></script>
<script src="bower_components/auth0.js/build/auth0.js"></script>
<script src="bower_components/angular-lock/build/angular-lock.js"></script>
Bring in the auth0.lock
module.
var app = angular.module('myApp', ['auth0.lock']);
Configure Auth0Lock by using lockProvider
. If you haven't done so yet, sign up for Auth0, create a client app, and get your clientID and domain. To learn more about Auth0Lock's API and the options it takes, see the API documentation and the list of customization options.
app.config(function(lockProvider) {
lockProvider.init({
clientID: AUTH0_CLIENT_ID,
domain: AUTH0_DOMAIN,
options: LOCK_OPTIONS
});
});
With Lock versions > 10.9 (and thus auth0.js versions > 8.0), the id_token
must be signed with the RS256 algorithm. You may choose to skip id_token
verification if you need to use HS256 as the signing algorithm.
app.config(function(lockProvider) {
lockProvider.init({
clientID: AUTH0_CLIENT_ID,
domain: AUTH0_DOMAIN,
options: {
_idTokenVerification: false
}
});
});
See the auth0.js migration guide for more information.
Use lock
in the run
block, in a service, or in a controller. For example, show the Auth0Lock widget from a controller and associated view.
app.controller('loginController', function(lock) {
var vm = this;
vm.lock = lock;
});
<div ng-controller="loginController as login">
<button ng-click="login.lock.show()">Log In</button>
</div>
Then, set up a listener for the authenticated
event.
app.run(function(lock) {
// For use with UI Router
lock.interceptHash();
lock.on('authenticated', function(authResult) {
localStorage.setItem('id_token', authResult.idToken);
lock.getProfile(authResult.idToken, function(error, profile) {
if (error) {
console.log(error);
}
localStorage.setItem('profile', JSON.stringify(profile));
});
});
});
Auth0 helps you to:
If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.
This project is licensed under the MIT license. See the LICENSE file for more info.
FAQs
Angular wrapper for Lock
The npm package angular-lock receives a total of 242 weekly downloads. As such, angular-lock popularity was classified as not popular.
We found that angular-lock demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 35 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.