Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
angular-lock
Advanced tools
This module provides a thin wrapper for version 11 of Auth0's Lock widget.
Note: angular-lock version 2.0 is meant to be used with Auth0Lock version 11.16.2 or higher. Please ensure you have auth0.js v8 or higher loaded as well.
Bower
bower install angular-lock
Ensure that both Auth0Lock and angular-lock are loaded on the page.
<script src="bower_components/auth0-lock/build/lock.js"></script>
<script src="bower_components/auth0.js/build/auth0.js"></script>
<script src="bower_components/angular-lock/build/angular-lock.js"></script>
Bring in the auth0.lock
module.
var app = angular.module('myApp', ['auth0.lock']);
Configure Auth0Lock by using lockProvider
. If you haven't done so yet, sign up for Auth0, create a client app, and get your clientID and domain. To learn more about Auth0Lock's API and the options it takes, see the API documentation and the list of customization options.
app.config(function(lockProvider) {
lockProvider.init({
clientID: AUTH0_CLIENT_ID,
domain: AUTH0_DOMAIN,
options: LOCK_OPTIONS
});
});
With Lock versions > 10.9 (and thus auth0.js versions > 8.0), the id_token
must be signed with the RS256 algorithm. You may choose to skip id_token
verification if you need to use HS256 as the signing algorithm.
app.config(function(lockProvider) {
lockProvider.init({
clientID: AUTH0_CLIENT_ID,
domain: AUTH0_DOMAIN,
options: {
_idTokenVerification: false
}
});
});
See the auth0.js migration guide for more information.
Use lock
in the run
block, in a service, or in a controller. For example, show the Auth0Lock widget from a controller and associated view.
app.controller('loginController', function(lock) {
var vm = this;
vm.lock = lock;
});
<div ng-controller="loginController as login">
<button ng-click="login.lock.show()">Log In</button>
</div>
Then, set up a listener for the authenticated
event.
app.run(function(lock) {
// For use with UI Router
lock.interceptHash();
lock.on('authenticated', function(authResult) {
localStorage.setItem('id_token', authResult.idToken);
lock.getProfile(authResult.idToken, function(error, profile) {
if (error) {
console.log(error);
}
localStorage.setItem('profile', JSON.stringify(profile));
});
});
});
Auth0 helps you to:
If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.
This project is licensed under the MIT license. See the LICENSE file for more info.
FAQs
Angular wrapper for Lock
We found that angular-lock demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 35 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.