![Maven Central Adds Sigstore Signature Validation](https://cdn.sanity.io/images/cgdhsj6q/production/7da3bc8a946cfb5df15d7fcf49767faedc72b483-1024x1024.webp?w=400&fit=max&auto=format)
Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
feathers-authentication-popups
Advanced tools
Server and client utils for implementing popup-based authentication flows
Server and client utils for implementing popup-based authentication flows
This package includes a few useful tools for implementing popup-based OAuth login flows. It contains utility functions for the browser and middleware for the server.
There are two client utilities: one to assist with opening popups, and another to assist in cross-window communication.
openLoginPopup(url, options)
Opens a centered popup window at the given url
.
import openLoginPopup from 'feathers-authentication-popups';
openLoginPopup('/auth/github');
{String}
: The URL of the new window.{Object}
: optional - allows for customizing the width
and height
of the popup window.The default options
are:
width
: 1024,height
: 630authAgent
An EventEmitter automatically assigned as a global at window.authAgent
to allow popup windows to send information back to the main window. Both windows must be on the same domain for this to work.
Usage in the primary application window:
// Adds
import 'feathers-authentication-popups';
function doSomethingWithToken (token) {
// Do something with the token
}
window.authAgent.on('login', doSomethingWithToken);
The doSomethingWithToken
function will run when the 'login' event is emitted on window.authAgent
.
Usage in the popup window on the same domain:
var token = readCookie('feathers-jwt');
// Trigger the 'login' event on the main window's `authAgent`
window.opener.authAgent.emit('login', token);
authAgent.on(eventName, handler)
Adds an event listener to the authAgent
whose handler runs every time the event with given eventName
is triggered.
{String}
: The name of the event to subscribe to.{Function}
: A function to be executed to handle the event.authAgent.once(eventName, handler)
Adds an event listener to the authAgent
whose handler runs only once when the event with given eventName
is triggered.
{String}
: The name of the event to subscribe to.{Function}
: A function to be executed to handle the event.authAgent.off(eventName, handler
)Removes a handler function from the authAgent
{String}
: The name of the event to unsubscribe from.{Function}
: A reference to a previously-subscribed function to be unsubscribed.Triggers the event attached to the provided eventName
and calls the subscribed handlers with the args
.
{String}
: The name of the event to trigger.{any}
: arguments to be passed to event handlers, usually authentication-related information (like a JSON Web Token).The Express middleware is meant to be registered as the success callback of a Feathers authentication workflow.
successHandler(options|cookieName)
Creates Express middleware that handles successful auth by returning an HTML page that:
authAgent
.var successHandler = require('feathers-authentication-popups/middleware');
// Pass an object containing a `name` attribute.
var options = app.get('cookie');
app.get('/auth/success', successHandler(options));
// Or pass a string for the cookie name.
app.get('/auth/success', successHandler('feathers-jwt'));
{Object}
: An object with a name
attribute.{String}
: The cookie name.Copyright (c) 2016
Licensed under the MIT license.
FAQs
Server and client utils for implementing popup-based authentication flows
We found that feathers-authentication-popups demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
Security News
CISOs are racing to adopt AI for cybersecurity, but hurdles in budgets and governance may leave some falling behind in the fight against cyber threats.
Research
Security News
Socket researchers uncovered a backdoored typosquat of BoltDB in the Go ecosystem, exploiting Go Module Proxy caching to persist undetected for years.