@hitchy/plugin-auth 0.2.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (66) hide show
  1. package/.gitlab-ci.yml +42 -21
  2. package/LICENSE +21 -0
  3. package/api/controller/user.js +2 -29
  4. package/api/model/authorization/rule.js +0 -27
  5. package/api/model/role.js +0 -28
  6. package/api/model/user-to-role.js +0 -28
  7. package/api/model/user.js +2 -30
  8. package/api/policy/authentication.js +67 -64
  9. package/api/policy/authorization.js +0 -28
  10. package/api/policy/user.js +0 -28
  11. package/api/service/auth/manager.js +9 -28
  12. package/api/service/authentication/passport.js +1 -29
  13. package/api/service/authentication/strategies.js +176 -27
  14. package/api/service/authorization/node.js +0 -28
  15. package/api/service/authorization/policy-generator.js +0 -28
  16. package/api/service/authorization/tree.js +0 -28
  17. package/config/auth.js +5 -0
  18. package/coverage/base.css +224 -0
  19. package/coverage/block-navigation.js +79 -0
  20. package/coverage/favicon.png +0 -0
  21. package/coverage/index.html +231 -0
  22. package/coverage/plugin-auth/api/controller/index.html +111 -0
  23. package/coverage/plugin-auth/api/controller/user.js.html +368 -0
  24. package/coverage/plugin-auth/api/model/authorization/index.html +111 -0
  25. package/coverage/plugin-auth/api/model/authorization/rule.js.html +227 -0
  26. package/coverage/plugin-auth/api/model/index.html +141 -0
  27. package/coverage/plugin-auth/api/model/role.js.html +200 -0
  28. package/coverage/plugin-auth/api/model/user-to-role.js.html +167 -0
  29. package/coverage/plugin-auth/api/model/user.js.html +752 -0
  30. package/coverage/plugin-auth/api/policy/authentication.js.html +617 -0
  31. package/coverage/plugin-auth/api/policy/authorization.js.html +182 -0
  32. package/coverage/plugin-auth/api/policy/index.html +141 -0
  33. package/coverage/plugin-auth/api/policy/user.js.html +479 -0
  34. package/coverage/plugin-auth/api/service/auth/index.html +111 -0
  35. package/coverage/plugin-auth/api/service/auth/manager.js.html +863 -0
  36. package/coverage/plugin-auth/api/service/authentication/index.html +126 -0
  37. package/coverage/plugin-auth/api/service/authentication/passport.js.html +290 -0
  38. package/coverage/plugin-auth/api/service/authentication/strategies.js.html +860 -0
  39. package/coverage/plugin-auth/api/service/authorization/index.html +141 -0
  40. package/coverage/plugin-auth/api/service/authorization/node.js.html +944 -0
  41. package/coverage/plugin-auth/api/service/authorization/policy-generator.js.html +386 -0
  42. package/coverage/plugin-auth/api/service/authorization/tree.js.html +983 -0
  43. package/coverage/plugin-auth/config/auth.js.html +140 -0
  44. package/coverage/plugin-auth/config/index.html +111 -0
  45. package/coverage/plugin-auth/index.html +111 -0
  46. package/coverage/plugin-auth/index.js.html +344 -0
  47. package/coverage/prettify.css +1 -0
  48. package/coverage/prettify.js +2 -0
  49. package/coverage/sort-arrow-sprite.png +0 -0
  50. package/coverage/sorter.js +170 -0
  51. package/coverage/tmp/coverage-6744-1648396809135-0.json +1 -0
  52. package/docs/.vuepress/config.js +5 -2
  53. package/docs/api/config.md +14 -2
  54. package/docs/api/model/authorization-rule.md +1 -1
  55. package/docs/api/model/user.md +2 -2
  56. package/docs/api/service/authentication-passport.md +1 -1
  57. package/docs/guides/getting-started.md +2 -2
  58. package/docs/guides/idp-login.png +0 -0
  59. package/docs/guides/idp-saml-cert.png +0 -0
  60. package/docs/guides/openid-connect.md +164 -0
  61. package/docs/guides/readme.md +2 -0
  62. package/docs/guides/saml.md +161 -0
  63. package/docs/introduction.md +5 -5
  64. package/index.js +27 -50
  65. package/package.json +18 -13
  66. package/readme.md +11 -43
package/readme.md CHANGED
@@ -1,57 +1,25 @@
1
- # hitchy-plugin-auth
1
+ # @hitchy/plugin-auth
2
2
 
3
- [![Build Status](https://travis-ci.org/hitchyjs/plugin-auth.svg?branch=master)](https://travis-ci.org/hitchyjs/plugin-auth)
3
+ [![pipeline status](https://gitlab.com/hitchy/plugin-auth/badges/master/pipeline.svg)](https://gitlab.com/hitchy/plugin-auth/-/commits/master)
4
+
5
+ _request authentication and authorization for Hitchy framework_
4
6
 
5
7
  ## License
6
8
 
7
- MIT
9
+ [MIT](LICENSE)
8
10
 
9
11
  ## Usage
10
12
 
11
- When in root folder of a Hitchy-based application run this command:
13
+ Run this command in a hitchy-based project's root folder containing its **package.json** file:
12
14
 
13
15
  ```
14
- npm i @hitchy/plugin-auth @hitchy/plugin-session @hitchy/plugin-cookies @hitchy/plugin-odem
16
+ npm i @hitchy/plugin-auth
15
17
  ```
16
18
 
17
- It will install this plugin as well as its peer dependencies you are in charge of.
18
-
19
- After restarting your application the plugin is discovered and injecting some policy routes used to detect current context of either request and to expose some additional information and API regarding user authentication and authorization.
20
-
21
- ### REST-API
22
-
23
- The plugin injects special endpoints for managing a user's authentication.
24
-
25
- | endpoint | method | description |
26
- |----------|--------|-------------|
27
- | `/api/auth/login` | POST | Takes username and password in request body and uses them for authenticating selected user. |
28
- | `/api/auth/login` | GET | Does the same as the POST method and is mainly here as a redirect URI for external authorization |
29
- | `/api/auth/logout` | GET | Drops information on previously authenticated user. |
30
- | `/api/auth/check` | GET | Fetches status information on currently authenticated user. |
31
-
32
- In addition, this plugin is injecting policy requiring authenticated user to have authorization for role `admin` for accessing REST endpoint `/api/user`.
33
-
34
- ### Server-Side Session
35
-
36
- The plugin is controlling information on authenticated user in current server-side session.
37
-
38
- When combined with [@hitchy/plugin-session](https://www.npmjs.com/package/@hitchy/plugin-session) this results in exposing information on currently authenticated user and its authorization in headers of every response.
39
-
40
- ### Creating First Account
41
-
42
- The endpoint `/api/auth/login` is always checking whether there is at least one user with role `admin` in the configured database. If there is no such user the controller is implicitly creating one with username `admin`, password `nimda` and role `admin`.
43
-
44
- ## Upcoming Revisions
45
-
46
- ### High Priority
47
-
48
- * Add an endpoint in scope of `/api/auth` for creating new user account.
49
-
50
- ### Medium Priority
51
-
52
- * Improve authorization system by adding additional level of customizable access control.
19
+ It will install this plugin as a dependency.
53
20
 
21
+ After restarting your application the plugin is discovered by Hitchy automatically. It is injecting some routes instantly suitable for authentication based on a local database.
54
22
 
55
- ## Note
23
+ ## Manual
56
24
 
57
- This plugin comes with a very limited set of supported features, currently. It is though intended to include additional features over time.
25
+ Read the [plugin's official manual](https://auth.hitchy.org/) e.g. for [routes supported by default](https://auth.hitchy.org/api/routing.html) and how to use [all the components this plugin is introducing](https://auth.hitchy.org/api/).