-
Notifications
You must be signed in to change notification settings - Fork 30
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(lib-auth): @zooniverse/auth package #6376
Conversation
Adds a basic auth client as detailed in ADR 21 (zooniverse#1361). - Add auth client - Add unit tests - Add functional tests in isolation - Add functional tests for staging API
I closed the original PR because there was no time to finish this off but maybe it's worth picking up again. |
const { cookieName } = this._config | ||
const cookies = cookie.parse(document.cookie) | ||
return cookies[cookieName] || '' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The auth client can only read the Panoptes session cookie on the server, when the client is running in Node. The cookie can't be used when the auth client is running in a browser. Instead, you have to make a POST request to the Panoptes auth API, which returns the access token and refresh token for your session cookie.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Alternatively, use a third-party OAuth library to interact with the Panoptes OAuth APIs, so that you don't have to worry about the details of implementing an OAuth client here.
this._state = { | ||
accessToken: tokenData['access_token'], | ||
accessTokenCreatedAt: tokenData['created_at'], | ||
accessTokenExpiresAt: tokenData['created_at'] + tokenData['expires_in'], | ||
accessTokenExpiresIn: tokenData['expires_in'], | ||
refreshToken: tokenData['refresh_token'], | ||
scope: tokenData.scope | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
client._state
is a public variable so this makes the refresh token visible via client._state.refreshToken
. Your refresh token should be private just to you. _state
should be private, so that it's not available outside the instantiated client
object. PJC hides private state, like the refresh token, by using the module pattern for exports. Only methods and properties on the following list can be accessed from outside the client, to keep personal data secure.
https://github.com/zooniverse/panoptes-javascript-client/blob/8157794dfacfbc1f5d41c5730b2f47aae6fc013a/lib/auth.js#L341-L354
I've left a couple of comments that I remember from when I last worked on this. |
{ | ||
"name": "@zooniverse/auth", | ||
"version": "1.0.0", | ||
"main": "src/index.js", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This new package was originally written as a CJS package. Nowadays, it would make more sense to write it as an ES Module. CJS has never been supported in browsers, and ESM is well-supported in Node now.
See #6375 (comment) |
This revives the work on a new Panoptes auth client, from 2019, if it's useful. It implements client-side user registration and sign-in in a new, tested package:
@zooniverse/auth
.Package
Linked Issue and/or Talk Post
How to Review
See the package Readme for docs, and the
auth-client-test
branch for an example implementation of Panoptes sign-in in cca57bb.Checklist
PR Creator - Please cater the checklist to fit the review needed for your code changes.
PR Reviewer - Use the checklist during your review. Each point should be checkmarked or discussed before PR approval.
General
yarn panic && yarn bootstrap
ordocker-compose up --build
and FEM works as expectedGeneral UX
Example Staging Project: i-fancy-cats
New Feature