{
audience: req.clientId,
subject: req.username,
issuer: process.env.JWT_ISSUER,
},
) as ClientAuthCode;
return await this.createJWT(payload, authClient);
} catch (error) {
if (error.name === 'TokenExpiredError') {
throw new HttpErrors.Unauthorized(AuthErrorKeys.CodeExpired);
// eslint-disable-next-line no-prototype-builtins
} else if (HttpErrors.HttpError.prototype.isPrototypeOf(error)) {
throw error;
} else {
throw new HttpErrors.Unauthorized(AuthErrorKeys.InvalidCredentials);
}
}
}
// Everything this controller needs arrives through LoopBack dependency
// injection. The current client/user bindings are typed as possibly
// undefined — presumably they are unset until the corresponding auth
// strategy has run for the request (TODO confirm against the sequence).
// Repositories are exposed as public parameter properties, matching the
// sibling controllers in this file.
constructor(
@inject(AuthenticationBindings.CURRENT_CLIENT)
private readonly client: AuthClient | undefined,
@inject(AuthenticationBindings.CURRENT_USER)
private readonly user: AuthUser | undefined,
// Resolves the permission set for the current user; used by authorization.
@inject(AuthorizationBindings.USER_PERMISSIONS)
private readonly getUserPermissions: UserPermissionsFn,
@repository(AuthClientRepository)
public authClientRepository: AuthClientRepository,
@repository(UserRepository)
public userRepo: UserRepository,
@repository(UserTenantRepository)
public userTenantRepo: UserTenantRepository,
@repository(UserTenantPermissionRepository)
public utPermsRepo: UserTenantPermissionRepository,
@repository(RefreshTokenRepository)
public refreshTokenRepo: RefreshTokenRepository,
) {}
// sonarignore_end
@inject(AuthorizationBindings.USER_PERMISSIONS)
private readonly getUserPermissions: UserPermissionsFn,
@repository(AuthClientRepository)
public authClientRepository: AuthClientRepository,
@repository(UserRepository)
public userRepo: UserRepository,
@repository(UserTenantRepository)
public userTenantRepo: UserTenantRepository,
@repository(UserTenantPermissionRepository)
public utPermsRepo: UserTenantPermissionRepository,
@repository(RefreshTokenRepository)
public refreshTokenRepo: RefreshTokenRepository,
) {}
// sonarignore_end
@authenticateClient(STRATEGY.CLIENT_PASSWORD)
@authenticate(STRATEGY.LOCAL)
@authorize(['*'])
@post('/auth/login', {
responses: {
[STATUS_CODE.OK]: {
description: 'Auth Code',
content: {
[CONTENT_TYPE.JSON]: Object,
},
},
},
})
async login(
@requestBody()
req: LoginRequest,
): Promise<{
// // Customize @loopback/rest-explorer configuration here
this.bind(RestExplorerBindings.CONFIG).to({
path: '/explorer',
});
this.component(RestExplorerComponent);
// Add authentication component
this.component(AuthenticationComponent);
// Customize authentication verify handlers
this.bind(Strategies.Passport.OAUTH2_CLIENT_PASSWORD_VERIFIER).toProvider(
ClientPasswordVerifyProvider,
);
this.bind(Strategies.Passport.LOCAL_PASSWORD_VERIFIER).toProvider(
LocalPasswordVerifyProvider,
);
this.bind(Strategies.Passport.BEARER_TOKEN_VERIFIER).toProvider(
BearerTokenVerifyProvider,
);
this.bind(Strategies.Passport.RESOURCE_OWNER_PASSWORD_VERIFIER).toProvider(
ResourceOwnerVerifyProvider,
);
this.bind(Strategies.Passport.GOOGLE_OAUTH2_VERIFIER).toProvider(
GoogleOauth2VerifyProvider,
);
// Add authorization component
this.bind(AuthorizationBindings.CONFIG).to({
allowAlwaysPaths: ['/explorer'],
});
this.component(AuthorizationComponent);
this.projectRoot = __dirname;
// Set up the custom sequence
this.sequence(MySequence);
// Set up default home page
this.static('/', path.join(__dirname, '../public'));
// // Customize @loopback/rest-explorer configuration here
this.bind(RestExplorerBindings.CONFIG).to({
path: '/explorer',
});
this.component(RestExplorerComponent);
// Add authentication component
this.component(AuthenticationComponent);
// Customize authentication verify handlers
this.bind(Strategies.Passport.OAUTH2_CLIENT_PASSWORD_VERIFIER).toProvider(
ClientPasswordVerifyProvider,
);
this.bind(Strategies.Passport.LOCAL_PASSWORD_VERIFIER).toProvider(
LocalPasswordVerifyProvider,
);
this.bind(Strategies.Passport.BEARER_TOKEN_VERIFIER).toProvider(
BearerTokenVerifyProvider,
);
this.bind(Strategies.Passport.RESOURCE_OWNER_PASSWORD_VERIFIER).toProvider(
ResourceOwnerVerifyProvider,
);
this.bind(Strategies.Passport.GOOGLE_OAUTH2_VERIFIER).toProvider(
GoogleOauth2VerifyProvider,
);
// Add authorization component
}
try {
const payload: ClientAuthCode = jwt.verify(
req.code,
authClient.secret,
{
audience: req.clientId,
subject: req.username,
issuer: process.env.JWT_ISSUER,
},
) as ClientAuthCode;
return await this.createJWT(payload, authClient);
} catch (error) {
if (error.name === 'TokenExpiredError') {
throw new HttpErrors.Unauthorized(AuthErrorKeys.CodeExpired);
// eslint-disable-next-line no-prototype-builtins
} else if (HttpErrors.HttpError.prototype.isPrototypeOf(error)) {
throw error;
} else {
throw new HttpErrors.Unauthorized(AuthErrorKeys.InvalidCredentials);
}
}
}
private readonly getUserPermissions: UserPermissionsFn,
@repository(AuthClientRepository)
public authClientRepository: AuthClientRepository,
@repository(UserRepository)
public userRepo: UserRepository,
@repository(UserTenantRepository)
public userTenantRepo: UserTenantRepository,
@repository(UserTenantPermissionRepository)
public utPermsRepo: UserTenantPermissionRepository,
@repository(RefreshTokenRepository)
public refreshTokenRepo: RefreshTokenRepository,
) {}
// sonarignore_end
@authenticateClient(STRATEGY.CLIENT_PASSWORD)
@authenticate(STRATEGY.LOCAL)
@authorize(['*'])
@post('/auth/login', {
responses: {
[STATUS_CODE.OK]: {
description: 'Auth Code',
content: {
[CONTENT_TYPE.JSON]: Object,
},
},
},
})
async login(
@requestBody()
req: LoginRequest,
): Promise<{
code: string;
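/**
 * Replace a role record wholesale (HTTP PUT `/roles/{id}`).
 *
 * Guarded by the `UpdateRole` permission; the request body is handed to
 * the repository unchanged.
 *
 * NOTE(review): the sibling handlers on this controller pair `@authorize`
 * with `@authenticate(STRATEGY.BEARER)`. Confirm bearer authentication is
 * also enforced on this route (by a class-level or preceding decorator);
 * a permission check alone relies on an authenticated principal existing.
 * NOTE(review): the full `Role` model is accepted as the body, so every
 * client-settable field of `Role` can be overwritten by the caller. If the
 * model carries fields a caller must not control (identifier, audit or
 * tenant columns), exclude them via an explicit request schema — TODO
 * confirm against the Role model definition.
 *
 * @param id - Primary key of the role to replace (path parameter).
 * @param role - Replacement role payload.
 * @returns Resolves with no value; the route answers 204 on success.
 */
@authorize([PermissionKey.UpdateRole])
@put('/roles/{id}', {
  responses: {
    '204': {
      description: 'Role PUT success',
    },
  },
})
async replaceById(
  @param.path.number('id') id: number,
  @requestBody() role: Role,
): Promise<void> {
  // `Promise<void>` rather than bare `Promise`: a generic type used without
  // its type argument does not compile under strict TypeScript.
  await this.roleRepository.replaceById(id, role);
}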
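/**
 * Delete a role by primary key (HTTP DELETE `/roles/{id}`).
 *
 * Requires a bearer token and the `DeleteRole` permission. The delete is
 * delegated straight to the repository; what happens to users still
 * holding this role (cascade, rejection, or orphaned references) is
 * decided by the repository/database, not here — TODO confirm.
 *
 * @param id - Primary key of the role to delete (path parameter).
 * @returns Resolves with no value; the route answers 204 on success.
 */
@authenticate(STRATEGY.BEARER)
@authorize([PermissionKey.DeleteRole])
@del('/roles/{id}', {
  responses: {
    '204': {
      description: 'Role DELETE success',
    },
  },
})
async deleteById(@param.path.number('id') id: number): Promise<void> {
  // `Promise<void>` rather than bare `Promise`: a generic type used without
  // its type argument does not compile under strict TypeScript.
  await this.roleRepository.deleteById(id);
}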
}
])
@put('/users/{id}', {
responses: {
'204': {
description: 'User PUT success',
},
},
})
async replaceById(
@param.path.number('id') id: number,
@requestBody() user: User,
): Promise {
await this.userRepository.replaceById(id, user);
}
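/**
 * Delete a user by primary key (HTTP DELETE `/users/{id}`).
 *
 * Requires a bearer token and either `DeleteAnyUser` or `DeleteTenantUser`.
 *
 * NOTE(review): no tenant scoping is visible in this handler — the id is
 * passed straight to `userRepository.deleteById`. If `DeleteTenantUser` is
 * meant to be limited to the caller's own tenant, confirm that the
 * repository enforces that restriction; otherwise a tenant-scoped caller
 * can delete any user id they can guess. A defensive fix would be to
 * verify the target user's tenant against the current user's tenant
 * before deleting when only `DeleteTenantUser` is held.
 *
 * @param id - Primary key of the user to delete (path parameter).
 * @returns Resolves with no value; the route answers 204 on success.
 */
@authenticate(STRATEGY.BEARER)
@authorize([PermissionKey.DeleteAnyUser, PermissionKey.DeleteTenantUser])
@del('/users/{id}', {
  responses: {
    '204': {
      description: 'User DELETE success',
    },
  },
})
async deleteById(@param.path.number('id') id: number): Promise<void> {
  // `Promise<void>` rather than bare `Promise`: a generic type used without
  // its type argument does not compile under strict TypeScript.
  await this.userRepository.deleteById(id);
}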
}
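/**
 * Fetch a single audit-log entry (HTTP GET `/audit-logs/{id}`).
 *
 * Requires a bearer token and the `ViewAudit` permission. The lookup is
 * delegated to the repository; when no row matches, the repository
 * presumably rejects with its not-found error and the sequence maps that
 * to an HTTP status — TODO confirm the mapping.
 *
 * @param id - Primary key of the audit-log entry (path parameter).
 * @returns The matching `AuditLog` instance.
 */
@authenticate(STRATEGY.BEARER)
@authorize([PermissionKey.ViewAudit])
@get('/audit-logs/{id}', {
  responses: {
    '200': {
      description: 'AuditLog model instance',
      content: {'application/json': {schema: {'x-ts-type': AuditLog}}},
    },
  },
})
async findById(@param.path.number('id') id: number): Promise<AuditLog> {
  // `Promise<AuditLog>` rather than bare `Promise`: a generic type used
  // without its type argument does not compile under strict TypeScript;
  // `AuditLog` matches the response schema declared above.
  return this.auditLogRepository.findById(id);
}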
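/**
 * Partially update an audit-log entry (HTTP PATCH `/audit-logs/{id}`).
 *
 * Requires a bearer token and the `UpdateAudit` permission; the body is
 * passed to the repository unchanged.
 *
 * NOTE(review): exposing an update route on audit records lets a holder of
 * `UpdateAudit` rewrite history, which undermines the evidentiary value of
 * the log. Consider whether audit entries should be append-only (no PATCH
 * route, or a repository that rejects updates) — TODO confirm the intended
 * audit-retention policy.
 *
 * @param id - Primary key of the audit-log entry (path parameter).
 * @param auditLog - Fields to update.
 * @returns Resolves with no value; the route answers 204 on success.
 */
@authenticate(STRATEGY.BEARER)
@authorize([PermissionKey.UpdateAudit])
@patch('/audit-logs/{id}', {
  responses: {
    '204': {
      description: 'AuditLog PATCH success',
    },
  },
})
async updateById(
  @param.path.number('id') id: number,
  @requestBody() auditLog: AuditLog,
): Promise<void> {
  // `Promise<void>` rather than bare `Promise`: a generic type used without
  // its type argument does not compile under strict TypeScript.
  await this.auditLogRepository.updateById(id, auditLog);
}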
@authenticate(STRATEGY.BEARER)