Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

casdoor-js-sdk

Package Overview
Dependencies
Maintainers
0
Versions
30
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

casdoor-js-sdk

Javascript client SDK for Casdoor

  • 0.16.0
  • latest
  • Source
  • npm
  • Socket score

Version published
Maintainers
0
Created
Source

casdoor-js-sdk

NPM version NPM download codebeat badge GitHub Actions GitHub Actions Coverage Status Release Discord

This is Casdoor's SDK for js will allow you to easily connect your application to the Casdoor authentication system without having to implement it from scratch.

Casdoor SDK is very simple to use. We will show you the steps below.

Usage in NPM environment

Installation

# NPM
npm i casdoor-js-sdk


# Yarn
yarn add casdoor-js-sdk

Init SDK

Initialization requires 5 parameters, which are all string type:

Name (in order)MustDescription
serverUrlYesyour Casdoor server URL
clientIdYesthe Client ID of your Casdoor application
appNameYesthe name of your Casdoor application
organizationNameYesthe name of the Casdoor organization connected with your Casdoor application
redirectPathNothe path of the redirect URL for your Casdoor application, will be /callback if not provided
signinPathNothe path of the signin URL for your Casdoor application, will be /api/signin if not provided
import {SDK, SdkConfig} from 'casdoor-js-sdk'

const sdkConfig: SdkConfig = {
    serverUrl: "https://door.casbin.com",
    clientId: "014ae4bd048734ca2dea",
    appName: "app-casnode",
    organizationName: "casbin",
    redirectPath: "/callback",
    signinPath: "/api/signin",
}
const sdk = new SDK(sdkConfig)
// call sdk to handle

Usage in vanilla Javascript

Import and init SDK

Initialization parameters are consistent with the previous node.js section:

<!--init the SDK-->
<script type="module">
  //Import from cdn(you can choose the appropriate cdn source according to your needs), or just from the local(download the casdoor-js-sdk first)
  import SDK from 'https://unpkg.com/casdoor-js-sdk@latest/lib/esm/sdk.js'
  const sdkConfig = {
    serverUrl: "https://door.casbin.com",
    clientId: "014ae4bd048734ca2dea",
    appName: "app-casnode",
    organizationName: "casbin",
    redirectPath: "/callback",
    signinPath: "/api/signin",
  }
  window.sdk = new SDK(sdkConfig)
</script>

Call functions in SDK

<script type="text/javascript">
  function gotoSignUpPage() {
    window.location.href = sdk.getSigninUrl()
  }
</script>

API reference interface

Get sign up url
getSignupUrl(enablePassword)

Return the casdoor url that navigates to the registration screen

Get sign in url
getSigninUrl()

Return the casdoor url that navigates to the login screen

Get user profile page url
getUserProfileUrl(userName, account)

Return the url to navigate to a specific user's casdoor personal page

Get my profile page url
getMyProfileUrl(account)
Sign in
signin(serverUrl, signinPath)

Handle the callback url from casdoor, call the back-end api to complete the login process

Determine whether silent sign-in is being used
isSilentSigninRequested()

We usually use this method to determine if silent login is being used. By default, if the silentSignin parameter is included in the URL and equals one, this method will return true. Of course, you can also use any method you prefer.

silentSignin
silentSignin(onSuccess, onFailure)

First, let's explain the two parameters of this method, which are the callback methods for successful and failed login. Next, I will describe the execution process of this method. We will create a hidden "iframe" element to redirect to the login page for authentication, thereby achieving the effect of silent sign-in.

popupSignin
popupSignin(serverUrl, signinPath)

Popup a window to handle the callback url from casdoor, call the back-end api to complete the login process and store the token in localstorage, then reload the main window. See Demo: casdoor-nodejs-react-example.

OAuth2 PKCE flow sdk (for SPA without backend)

Start the authorization process

Typically, you just need to go to the authorization url to start the process. This example is something that might work in an SPA.

signin_redirect();

You may add additional query parameters to the authorize url by using an optional second parameter:

const additionalParams = {test_param: 'testing'};
signin_redirect(additionalParams);
Trade the code for a token

When you get back here, you need to exchange the code for a token.

sdk.exchangeForAccessToken().then((resp) => {
    const token = resp.access_token;
    // Do stuff with the access token.
});

As with the authorizeUrl method, an optional second parameter may be passed to the exchangeForAccessToken method to send additional parameters to the request:

const additionalParams = {test_param: 'testing'};

sdk.exchangeForAccessToken(additionalParams).then((resp) => {
    const token = resp.access_token;
    // Do stuff with the access token.
});
Parse the access token

Once you have an access token, you can parse it into JWT header and payload.

const result = sdk.parseAccessToken(accessToken);
console.log("JWT algorithm: " + result.header.alg);
console.log("User organization: " + result.payload.owner);
console.log("User name: " + result.payload.name);
Get user info

Once you have an access token, you can use it to get user info.

getUserInfo(accessToken).then((resp) => {
    const userInfo = resp;
    // Do stuff with the user info.
});
Refresh access token

You could use a refresh token, to get a new token from the oauth server when token expired.

sdk.refreshAccessToken(refreshToken).then((resp) => {
    const token = resp.access_token;
    // Do stuff with new access token
});
A note on Storage

By default, this package will use sessionStorage to persist the pkce_state. On (mostly) mobile devices there's a higher chance users are returning in a different browser tab. E.g. they kick off in a WebView & get redirected to a new tab. The sessionStorage will be empty there.

In this case it you can opt in to use localStorage instead of sessionStorage:

import {SDK, SdkConfig} from 'casdoor-js-sdk'

const sdkConfig = {
  // ...
  storage: localStorage, // any Storage object, sessionStorage (default) or localStorage
}

const sdk = new SDK(sdkConfig)

More examples

To see how to use casdoor frontend SDK with casdoor backend SDK, you can refer to examples below:

casnode: casdoor-js-sdk + casdoor-go-sdk

casdoor-python-vue-sdk-example: casdoor-vue-sdk + casdoor-python-sdk

A more detailed description can be moved to:casdoor-sdk

Keywords

FAQs

Package last updated on 30 Oct 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc