feathers-authentication

feathers-authentication

Add Authentication to your FeathersJS app.

feathers-authentication adds shared PassportJS authentication for Feathers HTTP REST and WebSockets services using JSON Web Tokens.

Installation

npm install feathers-authentication --save

Documentation

Please refer to the Authentication documentation for more details:

• Local Auth Tutorial - How to implement a username and password-based authentication.
• Use Hooks for Authorization - Learn about the bundled hooks.

Complete Example

Here's an example of a Feathers server that uses feathers-authentication for local auth. It includes a users service that uses feathers-mongoose. Note that it does NOT implement any authorization.

import feathers from 'feathers';
import hooks from 'feathers-hooks';
import bodyParser from 'body-parser';
import authentication from 'feathers-authentication';
import { hooks as authHooks } from 'feathers-authentication';
import mongoose from 'mongoose';
import service from 'feathers-mongoose';

const port = 3030;
const Schema = mongoose.Schema;
const UserSchema = new Schema({
  username: {type: String, required: true, unique: true},
  password: {type: String, required: true },
  createdAt: {type: Date, 'default': Date.now},
  updatedAt: {type: Date, 'default': Date.now}
});
let UserModel = mongoose.model('User', UserSchema);

mongoose.Promise = global.Promise;
mongoose.connect('mongodb://localhost:27017/feathers');

let app = feathers()
  .configure(feathers.rest())
  .configure(feathers.socketio())
  .configure(hooks())
  .use(bodyParser.json())
  .use(bodyParser.urlencoded({ extended: true }))
  // Configure feathers-authentication
  .configure(authentication({
    token: {
      secret: 'feathers-rocks'
    },
    local: {
      usernameField: 'username'
    },
    facebook: {
      clientID: '',
      clientSecret: ''
    }
  }));

app.use('/users', new service('user', {Model: UserModel}))

let userService = app.service('users');
userService.before({
  create: [authHooks.hashPassword('password')]
});

let server = app.listen(port);
server.on('listening', function() {
  console.log(`Feathers application started on localhost:${port}`);
});

Client use

You can use the client in the Browser, in NodeJS and in React Native.

import io from 'socket.io-client';
import feathers from 'feathers/client';
import hooks from `feathers-hooks`;
import socketio from 'feathers-socketio/client';
import authentication from 'feathers-authentication/client';

const socket = io('http://path/to/api');
const app = feathers()
  .configure(socketio(socket)) // you could use Primus or REST instead
  .configure(hooks())
  .configure(authentication());

app.io.on('connect', function(){
  app.authenticate({
    type: 'local',
    'email': 'admin@feathersjs.com',
    'password': 'admin'
  }).then(function(result){
    console.log('Authenticated!', result);
  }).catch(function(error){
    console.error('Error authenticating!', error);
  });
});

Changelog

0.3.1

• Fix toLowerCase hook (#74)

0.2.2

• Fix customization of the tokenEndpoint (#57)

0.2.1

• fixing passing custom local options. (#55)

0.2.0

• Migrating existing code to use services
• Standardizing on a hook spec
• Adds support for authenticating with socketio and primus (#32)
• Only signs the JWT with user id (#38)
• Locks down socket authentication (#33)
• Continues the work @marshallswain did on handling expired tokens (#25)
• Adds a bunch more tests.
• Adds support for OAuth2 (#43)
• Adds a client side component for easy authentication with Feathers (#44)
• Adds preliminary support for graceful fallback to cookies for JWT (#45)
• Adds an example project showing all the different ways you can authenticate

0.1.0

• Adding local authentication
• Adding bundled hooks

0.0.5

• Initial release

License

Copyright (c) 2015

Licensed under the MIT license.

Changelog

v0.3.2 (2016-02-24)

Full Changelog

Merged pull requests:

• bumping feathers-errors version #79 (ekryski)