云鉴权>> auth1-server>> 返回
项目作者: jmn8718

项目描述 :
authentication server using passport, oauth2orize
高级语言: JavaScript
项目地址: git://github.com/jmn8718/auth1-server.git
创建时间: 2019-06-04T11:40:59Z
项目社区:https://github.com/jmn8718/auth1-server
开源协议:
下载


auth-server

This project is a authentication server that authorize users using different authorizations flows.
It uses passport to authenticate user with different strategies (username-password, github, google…) and authorize users (using oaut2orize) to obtain access token and id_tokens to use in applications.

Flows

This authentication server support the following flows:

Code flow

TBD

Implicit flow

TBD

development

requirements

  • docker
  • docker-compose

start

  1. docker-compose up

All the services required (server and db) will start. It can be configured on the docker-compose file.

  • The server runs on http://localhost:8080
  • The database listen on the port 27018 in case it is needed to access from outside the application, like mongod or other GUI for mongo. It uses a different port from the default 27017 to avoid collision wi exisitng running instances of mongo
  • Requires to setup the google and github dev keys. (see links section)

libraries

TODO list

  • deploy on heroku
  • add tenants to separate clients
  • set default audience when not passed
  • use audience on code exchange
  • proper error response
  • separate clients with tenant concept
  • set grants on ?clients? to show in consent form
  • validate scopes to only allow registered scopes
  • add api client credential authentication [https://auth0.com/docs/flows/guides/client-credentials/call-api-client-credentials]
  • separate users on tenants
  • separate views into separate project to use authentication
  • separate api to different project that validates tokens
  • nginx as loadbalancer / cors
  • redesign form with better styles