How to use loopback4-authentication - 10 common examples
To help you get started, we’ve selected a few loopback4-authentication examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
sourcefuse / loopback4-starter / src / modules / auth / login.controller.ts View on Github 
{
audience: req.clientId,
subject: req.username,
issuer: process.env.JWT_ISSUER,
},
) as ClientAuthCode;
return await this.createJWT(payload, authClient);
} catch (error) {
if (error.name === 'TokenExpiredError') {
throw new HttpErrors.Unauthorized(AuthErrorKeys.CodeExpired);
// eslint-disable-next-line no-prototype-builtins
} else if (HttpErrors.HttpError.prototype.isPrototypeOf(error)) {
throw error;
} else {
throw new HttpErrors.Unauthorized(AuthErrorKeys.InvalidCredentials);
}
}
}constructor(
@inject(AuthenticationBindings.CURRENT_CLIENT)
private readonly client: AuthClient | undefined,
@inject(AuthenticationBindings.CURRENT_USER)
private readonly user: AuthUser | undefined,
@inject(AuthorizationBindings.USER_PERMISSIONS)
private readonly getUserPermissions: UserPermissionsFn,
@repository(AuthClientRepository)
public authClientRepository: AuthClientRepository,
@repository(UserRepository)
public userRepo: UserRepository,
@repository(UserTenantRepository)
public userTenantRepo: UserTenantRepository,
@repository(UserTenantPermissionRepository)
public utPermsRepo: UserTenantPermissionRepository,
@repository(RefreshTokenRepository)
public refreshTokenRepo: RefreshTokenRepository,
) {}
// sonarignore_end@inject(AuthorizationBindings.USER_PERMISSIONS)
private readonly getUserPermissions: UserPermissionsFn,
@repository(AuthClientRepository)
public authClientRepository: AuthClientRepository,
@repository(UserRepository)
public userRepo: UserRepository,
@repository(UserTenantRepository)
public userTenantRepo: UserTenantRepository,
@repository(UserTenantPermissionRepository)
public utPermsRepo: UserTenantPermissionRepository,
@repository(RefreshTokenRepository)
public refreshTokenRepo: RefreshTokenRepository,
) {}
// sonarignore_end
@authenticateClient(STRATEGY.CLIENT_PASSWORD)
@authenticate(STRATEGY.LOCAL)
@authorize(['*'])
@post('/auth/login', {
responses: {
[STATUS_CODE.OK]: {
description: 'Auth Code',
content: {
[CONTENT_TYPE.JSON]: Object,
},
},
},
})
async login(
@requestBody()
req: LoginRequest,
): Promise<{// // Customize @loopback/rest-explorer configuration here
this.bind(RestExplorerBindings.CONFIG).to({
path: '/explorer',
});
this.component(RestExplorerComponent);
// Add authentication component
this.component(AuthenticationComponent);
// Customize authentication verify handlers
this.bind(Strategies.Passport.OAUTH2_CLIENT_PASSWORD_VERIFIER).toProvider(
ClientPasswordVerifyProvider,
);
this.bind(Strategies.Passport.LOCAL_PASSWORD_VERIFIER).toProvider(
LocalPasswordVerifyProvider,
);
this.bind(Strategies.Passport.BEARER_TOKEN_VERIFIER).toProvider(
BearerTokenVerifyProvider,
);
this.bind(Strategies.Passport.RESOURCE_OWNER_PASSWORD_VERIFIER).toProvider(
ResourceOwnerVerifyProvider,
);
this.bind(Strategies.Passport.GOOGLE_OAUTH2_VERIFIER).toProvider(
GoogleOauth2VerifyProvider,
);
// Add authorization component
this.bind(AuthorizationBindings.CONFIG).to({
allowAlwaysPaths: ['/explorer'],
});
this.component(AuthorizationComponent);
this.projectRoot = __dirname;// Set up the custom sequence
this.sequence(MySequence);
// Set up default home page
this.static('/', path.join(__dirname, '../public'));
// // Customize @loopback/rest-explorer configuration here
this.bind(RestExplorerBindings.CONFIG).to({
path: '/explorer',
});
this.component(RestExplorerComponent);
// Add authentication component
this.component(AuthenticationComponent);
// Customize authentication verify handlers
this.bind(Strategies.Passport.OAUTH2_CLIENT_PASSWORD_VERIFIER).toProvider(
ClientPasswordVerifyProvider,
);
this.bind(Strategies.Passport.LOCAL_PASSWORD_VERIFIER).toProvider(
LocalPasswordVerifyProvider,
);
this.bind(Strategies.Passport.BEARER_TOKEN_VERIFIER).toProvider(
BearerTokenVerifyProvider,
);
this.bind(Strategies.Passport.RESOURCE_OWNER_PASSWORD_VERIFIER).toProvider(
ResourceOwnerVerifyProvider,
);
this.bind(Strategies.Passport.GOOGLE_OAUTH2_VERIFIER).toProvider(
GoogleOauth2VerifyProvider,
);
// Add authorization component}
try {
const payload: ClientAuthCode = jwt.verify(
req.code,
authClient.secret,
{
audience: req.clientId,
subject: req.username,
issuer: process.env.JWT_ISSUER,
},
) as ClientAuthCode;
return await this.createJWT(payload, authClient);
} catch (error) {
if (error.name === 'TokenExpiredError') {
throw new HttpErrors.Unauthorized(AuthErrorKeys.CodeExpired);
// eslint-disable-next-line no-prototype-builtins
} else if (HttpErrors.HttpError.prototype.isPrototypeOf(error)) {
throw error;
} else {
throw new HttpErrors.Unauthorized(AuthErrorKeys.InvalidCredentials);
}
}
}private readonly getUserPermissions: UserPermissionsFn,
@repository(AuthClientRepository)
public authClientRepository: AuthClientRepository,
@repository(UserRepository)
public userRepo: UserRepository,
@repository(UserTenantRepository)
public userTenantRepo: UserTenantRepository,
@repository(UserTenantPermissionRepository)
public utPermsRepo: UserTenantPermissionRepository,
@repository(RefreshTokenRepository)
public refreshTokenRepo: RefreshTokenRepository,
) {}
// sonarignore_end
@authenticateClient(STRATEGY.CLIENT_PASSWORD)
@authenticate(STRATEGY.LOCAL)
@authorize(['*'])
@post('/auth/login', {
responses: {
[STATUS_CODE.OK]: {
description: 'Auth Code',
content: {
[CONTENT_TYPE.JSON]: Object,
},
},
},
})
async login(
@requestBody()
req: LoginRequest,
): Promise<{
code: string;@authorize([PermissionKey.UpdateRole])
@put('/roles/{id}', {
responses: {
'204': {
description: 'Role PUT success',
},
},
})
async replaceById(
@param.path.number('id') id: number,
@requestBody() role: Role,
): Promise {
await this.roleRepository.replaceById(id, role);
}
@authenticate(STRATEGY.BEARER)
@authorize([PermissionKey.DeleteRole])
@del('/roles/{id}', {
responses: {
'204': {
description: 'Role DELETE success',
},
},
})
async deleteById(@param.path.number('id') id: number): Promise {
await this.roleRepository.deleteById(id);
}
}])
@put('/users/{id}', {
responses: {
'204': {
description: 'User PUT success',
},
},
})
async replaceById(
@param.path.number('id') id: number,
@requestBody() user: User,
): Promise {
await this.userRepository.replaceById(id, user);
}
@authenticate(STRATEGY.BEARER)
@authorize([PermissionKey.DeleteAnyUser, PermissionKey.DeleteTenantUser])
@del('/users/{id}', {
responses: {
'204': {
description: 'User DELETE success',
},
},
})
async deleteById(@param.path.number('id') id: number): Promise {
await this.userRepository.deleteById(id);
}
}@authenticate(STRATEGY.BEARER)
@authorize([PermissionKey.ViewAudit])
@get('/audit-logs/{id}', {
responses: {
'200': {
description: 'AuditLog model instance',
content: {'application/json': {schema: {'x-ts-type': AuditLog}}},
},
},
})
async findById(@param.path.number('id') id: number): Promise {
return await this.auditLogRepository.findById(id);
}
@authenticate(STRATEGY.BEARER)
@authorize([PermissionKey.UpdateAudit])
@patch('/audit-logs/{id}', {
responses: {
'204': {
description: 'AuditLog PATCH success',
},
},
})
async updateById(
@param.path.number('id') id: number,
@requestBody() auditLog: AuditLog,
): Promise {
await this.auditLogRepository.updateById(id, auditLog);
}
@authenticate(STRATEGY.BEARER)loopback4-authentication
A loopback-next extension for authentication feature. Oauth strategies supported.
Package Health Score
87 / 100Popular loopback4-authentication functions
- loopback4-authentication.authenticate
- loopback4-authentication.authenticateClient
- loopback4-authentication.AuthenticationBindings.CLIENT_AUTH_ACTION
- loopback4-authentication.AuthenticationBindings.CURRENT_CLIENT
- loopback4-authentication.AuthenticationBindings.CURRENT_USER
- loopback4-authentication.AuthenticationBindings.USER_AUTH_ACTION
- loopback4-authentication.AuthErrorKeys.ClientInvalid
- loopback4-authentication.AuthErrorKeys.ClientSecretMissing
- loopback4-authentication.AuthErrorKeys.ClientUserMissing
- loopback4-authentication.AuthErrorKeys.CodeExpired
- loopback4-authentication.AuthErrorKeys.InvalidCredentials
- loopback4-authentication.AuthErrorKeys.TokenExpired
- loopback4-authentication.AuthErrorKeys.UnknownError
- loopback4-authentication.AuthErrorKeys.WrongPassword
- loopback4-authentication.Strategies.Passport
- loopback4-authentication.STRATEGY.BEARER
- loopback4-authentication.STRATEGY.CLIENT_PASSWORD
- loopback4-authentication.STRATEGY.GOOGLE_OAUTH2
- loopback4-authentication.STRATEGY.LOCAL
- loopback4-authentication.STRATEGY.OAUTH2_RESOURCE_OWNER_GRANT