Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
feathers-authentication-popups
Advanced tools
Server and client utils for implementing popup-based authentication flows
Server and client utils for implementing popup-based authentication flows
This package includes a few useful tools for implementing popup-based OAuth login flows. It contains utility functions for the browser and middleware for the server.
There are two client utilities: one to assist with opening popups, and another to assist in cross-window communication.
openLoginPopup(url, options)
Opens a centered popup window at the given url
.
import openLoginPopup from 'feathers-authentication-popups';
openLoginPopup('/auth/github');
{String}
: The URL of the new window.{Object}
: optional - allows for customizing the width
and height
of the popup window.The default options
are:
width
: 1024,height
: 630authAgent
An EventEmitter automatically assigned as a global at window.authAgent
to allow popup windows to send information back to the main window. Both windows must be on the same domain for this to work.
Usage in the primary application window:
// Adds
import 'feathers-authentication-popups';
function doSomethingWithToken (token) {
// Do something with the token
}
window.authAgent.on('login', doSomethingWithToken);
The doSomethingWithToken
function will run when the 'login' event is emitted on window.authAgent
.
Usage in the popup window on the same domain:
var token = readCookie('feathers-jwt');
// Trigger the 'login' event on the main window's `authAgent`
window.opener.authAgent.emit('login', token);
authAgent.on(eventName, handler)
Adds an event listener to the authAgent
whose handler runs every time the event with given eventName
is triggered.
{String}
: The name of the event to subscribe to.{Function}
: A function to be executed to handle the event.authAgent.once(eventName, handler)
Adds an event listener to the authAgent
whose handler runs only once when the event with given eventName
is triggered.
{String}
: The name of the event to subscribe to.{Function}
: A function to be executed to handle the event.authAgent.off(eventName, handler
)Removes a handler function from the authAgent
{String}
: The name of the event to unsubscribe from.{Function}
: A reference to a previously-subscribed function to be unsubscribed.Triggers the event attached to the provided eventName
and calls the subscribed handlers with the args
.
{String}
: The name of the event to trigger.{any}
: arguments to be passed to event handlers, usually authentication-related information (like a JSON Web Token).The Express middleware is meant to be registered as the success callback of a Feathers authentication workflow.
successHandler(options|cookieName)
Creates Express middleware that handles successful auth by returning an HTML page that:
authAgent
.var successHandler = require('feathers-authentication-popups/middleware');
// Pass an object containing a `name` attribute.
var options = app.get('cookie');
app.get('/auth/success', successHandler(options));
// Or pass a string for the cookie name.
app.get('/auth/success', successHandler('feathers-jwt'));
{Object}
: An object with a name
attribute.{String}
: The cookie name.Copyright (c) 2016
Licensed under the MIT license.
v0.1.0 (2016-11-22)
Merged pull requests:
FAQs
Server and client utils for implementing popup-based authentication flows
The npm package feathers-authentication-popups receives a total of 49 weekly downloads. As such, feathers-authentication-popups popularity was classified as not popular.
We found that feathers-authentication-popups demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.