dwyl / auth-mvp Goto Github PK
View Code? Open in Web Editor NEW:key: Prototype Authentication Service
Home Page: https://auth-mvp.herokuapp.com/
:key: Prototype Authentication Service
Home Page: https://auth-mvp.herokuapp.com/
Now that the auth service returns a jwt on authenticate, we want to be able to fetch the information about a person based on this jwt.
/person/info
endpoint where the header of the request will contain the jwt.Currently the jwt created on the callback url for Google or Github is hardcoded:
We recently added a TestDouble
to both elixir-auth-github
and elixir-auth-google
which makes it much easier for people using those packages to test their code. ๐ see: dwyl/elixir-auth-google#35
That means we no longer need to have the files:
Additionally we will no longer need the following configuration lines in test.exs
:
Lines 19 to 20 in f027488
mix.exs
test.exs
Monitor the code of the project with
While using the authentication service I noticed the application returns sometimes unauthorized
response.
see
To allow applications to use the dwyl authentication service directly without using the api, we need to create a specific controller which will display the oauth urls to login with Google or Github.
see also: dwyl/app-mvp-elm#32
linked to dwyl/auth#40 (comment)
Create a new Phoenix application with mix phx.new auth-mvp --app auth_mvp
. We might need to render some html from the auth application so I'm not adding the --no-webpack
and --no-html
option
Use elixir-auth-google and elixir-auth-github
/auth/urls
endpoint using the api
scope and returns the list of the oauth urls/auth/google/callback
and `/auth/github/callbackAllow Cross Origin Resource Sharing to allow requests to access the auth api endpoints
endpoint.ex
file to add the line plug CORSPlug, origin: ["*"]
Deploy the application on Heroku
/api/auth/github/callback
(and the google one) to be available for the Oauth appsmix phx.gen.secret
After running git pull
on master
branch and mix deps.get
,
I attempted to run mix test
on localhost
and got the following error:
Compiling 3 files (.ex)
== Compilation error in file lib/plugs/authenticate_person.ex ==
** (ArgumentError) ranges (first..last) expect both sides to be integers, got: TokenAuthMvp..verify_and_validate(jwt)
(elixir 1.10.1) lib/kernel.ex:3287: Kernel.range/3
(elixir 1.10.1) expanding macro: Kernel.".."/2
lib/plugs/authenticate_person.ex:33: AuthMvp.Plugs.AuthenticatePerson.validate_token/2
The line in question authenticate_person.ex:33
is AuthMvp.Token.verify_and_validate(jwt)
:
auth-mvp/lib/plugs/authenticate_person.ex
Lines 32 to 40 in 33af8ec
I have all the required environment variables listed in .env_sample
...
@SimonLab can you help clarify how to run the project on localhost
?
Google and Github Oauth2 allow us to get basic information about the user.
We are currently only saving in our Postgres person
database the email of the user:
auth-mvp/lib/auth_mvp/people/person.ex
Lines 8 to 14 in 3579966
We want now to be able to save the profile image of the user.
With Google the image url is already returned via ElixirAuthGoogle package under the picture
value:
With Github the value to get will be saved under avatar_url
avatar
string fieldavatar
field in the databasecast
the avatar value:def changeset(person, attrs) do
person
|> cast(attrs, [:email, :verified])
|> validate_required([:email, :verified])
end
On authentication we want know to be able to create person and session data.
email
and verified
fieldsvalid
fieldusing context: mix phx.gen.context People Person people email:string verified:boolean
This basic structure should be enough to allow a person to login and create a new session for the applications using auth-mvp
. We will update the list of fields on the next PRs
see also:
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.