Default Adapter
The default adapter implements standard authentication features using MongoDB as a simple document storage for one-time tokens and refresh tokens.
Featuresβ
- User Authentication
- Safe login with an email address and password
- Multifactor Authentication (MFA) support via SMS, mail or verification apps.
- Token Creation and Validation
- Creation and validation of JSON Web Tokens (JWTs) via a request
- Reads tokens and returns their contents
- SNS User Authentication
- Third party service login using OAuth2/OpenID Connect
- Google, Twitter, Line
Installationβ
- Prerequisites
| Dependency | Version |
|---|---|
| node | 18+ |
| MongoDB | 5+ |
| Nodeblocks User Service | 1.1.0+ |
- Install Package
Create your repository and add this package as a dependency
mkdir my-auth-service
npx gts init -y
npm install --save @basaldev/blocks-auth-service
You will need to also set up your environment variables. Look at Quick Start Guide for a sample.
- Initial code
info
This example uses cookies authorization.
authType: 'cookie', // <-- Cookie authorization
info
This example enables CORS whitelist for localhost. You can add your own domains to the array.
corsOptions: {
credentials: true,
origin: ['http://localhost', 'http://your-domain.com'],
},
Place the following into src/index.ts:
import {
createNodeblocksAuthApp,
defaultAdapter,
ServiceOptsWithOAuth,
} from '@basaldev/blocks-auth-service';
import {getEnvBool, getEnvString} from './helper/utilities';
const authPort = Number(getEnvString('PORT'));
async function main() {
const oauthConfigs: ServiceOptsWithOAuth['oauthConfigs'] = {
google: {
clientId: getEnvString('OAUTH_GOOGLE_CLIENT_ID', ''),
clientSecret: getEnvString('OAUTH_GOOGLE_CLIENT_SECRET', ''),
scope: ['email', 'profile'],
},
};
const adapterOptions: defaultAdapter.AuthDefaultAdapterOptions = {
authEncSecret: getEnvString('AUTH_ENC_SECRET', ''),
authSignSecret: getEnvString('AUTH_SIGN_SECRET', ''),
/** Add your URL here */
authorizedRedirectUrls: [
'https://localhost:5173/auth/post-oauth-login',
],
authType: 'cookie',
enableRefreshToken: getEnvBool('ENABLE_REFRESH_TOKEN', false),
tokenExpireTime: {
accessToken: getEnvString('JWT_EXPIRATION_TIME', ''),
onetimeToken: getEnvString('JWT_EXPIRATION_TIME', ''),
refreshToken: getEnvString('JWT_EXPIRATION_TIME', ''),
},
};
const adapter = await defaultAdapter.createAuthDefaultAdapter(
adapterOptions,
{
db: getEnvString('DATABASE_URL', ''),
userAPI: getEnvString('USER_ENDPOINT', ''),
}
);
const app = await createNodeblocksAuthApp({
enableCookieParser: true,
corsOptions: {
credentials: true,
origin: ['http://localhost'],
},
});
await app.startService({
PORT: authPort,
adapter,
env: 'development',
/** Add your domain name here */
domain: '',
oauthConfigs,
});
}
void main();
For an SNS login, change it as follows:
nodeblocksAuthApp.startService({
domain: `auth-service-domain`, // remove the https:// part
oauthConfigs: { // Requires ClientID and ClientService from Line, google, and a callbackURL
// callback url examplesοΌ {auth-service-endpoint}/auth/line/callback, {auth-service-endpoint}/auth/google/callback
line: {
clientId: LINE_CLIENT_ID,
clientSecret: LINE_CLIENT_SECRET,
},
google: {
clientId: GOOGLE_CLIENT_ID,
clientSecret: GOOGLE_CLIENT_SECRET,
}
},
adapter: new AUTH_SERVICE.AuthDefaultAdapter({
dbUrl: DATABASE_URL,
userServiceEndpoint: USER_SERVICE_ENDPOINT,
jwtExpirationTime: JWT_EXPIRATION_TIME,
authEncSecret: AUTH_ENC_SECRET,
authSignSecret: AUTH_SIGN_SECRET,
authorizedRedirectUrls: '' // ->supply with frontend urls to redirect after login
// examples: {tanty-supplyside-endpoint}/login-callback/google,{tanty-demandside-endpoint}/login-callback/google,{tanty-demandside-endpoint}/login-callback/google,{tanty-supplyside-endpoint}/login-callback/line,
}),
PORT
})