/oneauth

Your one-stop Single Sign-on server. Login with Oneauth to your services. Login to Oneauth using Facebook/Twitter/Github

Primary LanguageJavaScript

oneauth

Build Status CircleCI Coverage Status Code Climate CodeFactor codebeat badge Known Vulnerabilities Total alerts Language grade: JavaScript

Flattr this git repo

Design and Styles

IMPORTANT NOTE The css is picked from motley If there are any UI changes to be made, please make on motley.

Installation

Step 1 : Database Setup

Step 2 : Deploy

Deploy

Running Locally (for Development)

Option 1: Without SSL, only local logins

Simple clone and -

npm install
git submodule init
git submodule update
npm run start:dev

Option 2: With SSL (HTTPS), and try out social logins too

If you want to run it with https, and run it on a proper domain (not 127.0.0.1), and enable Facebook/Twitter/Github logins, you'll need to take care of a few additional steps -

Please read the required steps in the wiki


OAuth2 Server Usage

oneauth is an OAuth2 server, that you can consume

A few terms to remember -

Term Definition
auth token A token, used in lieu of user+password credentials, to make API requests
grant code A code that can be exchanged for a auth token
client id Unique identifier for each client
client secret A secret key, to be used to exchange codes for tokens

Grant Code Flow (frontend + backend clients)

This will get you a grant code (that can be exchanged for an auth token). Redirect the user to the below URL on the frontend

GET
http://localhost:3838/oauth/authorize?
        response_type=code
    &   client_id=9990781661
    &   redirect_uri=http://hackerblocks.com/callback

Then from your backend get the auth token

POST
http://localhost:3838/oauth/token

    {
         "client_id" : 9990781661,
         "redirect_uri" : "http://hackerblocks.com/callback",
         "client_secret" : "ZyTe3zCR67REHND7CHa9zH39NllvLWYULCedocZDLaCkSVTA7GGE1s1Hjrgkos09",
         "grant_type" : "authorization_code",
         "code"  : "MyiLDqJwTpzEXqYOG1jNFCtjEzYHAR4U"
     }

Retrieve the bearer token from the response body

Ensure you do not leak client secret to the frontend

Read in detailed step by step instructions in the wiki


Implicit Auth Token Flow (pure frontend clients)

This will get you a bearer token straight away on frontend

GET
http://localhost:3838/oauth/authorize?
        response_type=token
    &   client_id=9990781661
    &   redirect_uri=http://hackerblocks.com/callback

Retrive the bearer token from the URL


Oauth2 Consumer Usage

oneauth is also an OAuth2 consumer, so users can link other accounts they have on Facebook/Twitter/Google etc

Pages

/login

Existing user login

/signup

New user signup

/user/me

User profile data of logged in user

/user/{userid}

User profie data (only public data) of any user

/clients

All clients created by currently logged in user

/clients/{clientid}

Details of the client (given the user who owns it is logged in)

Maintenance

Database Backup / Restore

Backup

sudo -u postgres pg_dump oneauthdb -f oneauthdb.sql

Restore

PGPASSWORD=******* psql -U oneauthadmin -h <dbhost> -p <dbport> -d oneauthdb < oneauthdb.sql

Drop All Tables (this prints all the drop commands)

select 'drop table if exists "' || tablename || '" cascade;' 
  from pg_tables
 where schemaname = 'public';

Credits

Libraries Used

This is built upon the insanely useful and easy to use Oauth2 libraries built by jaredhanson from auth0

Inspirations

We built this at @coding-blocks looking at a similar solution hasgeek has here - http://github.com/hasgeek/lastuser We made our own, instead of using lastuser, because (a) the documentation was a little lacking on lastuser, and (b) we were more comfortable on a NodeJS+Postgres based stack.

Support on Beerpay

You can support the project via BeerPay Buy us a beer !

Beerpay Beerpay