Light

druxt / druxt-auth Goto Github PK

View Code? Open in Web Editor NEW

3.0 1.0 0.0 441 KB

Authentication module for DruxtJS

License: MIT License

JavaScript 11.37% Vue 1.20% Dockerfile 0.75% Shell 2.88% PHP 83.79%

druxt module nuxt-auth oauth2

druxt-auth's Introduction

DruxtAuth

Druxt Authentication with Drupal Simple OAuth2 and nuxt/auth.

Links

DruxtJS: https://druxtjs.org
Community Discord server: https://discord.druxtjs.org

Install

$ npm install druxt-auth

Nuxt.js

Add module to nuxt.config.js

module.exports = {
  buildModules: [
    'druxt',
    ['druxt-auth', {
      clientId: '[DRUPAL_CONSUMER_UUID]',
      clientSecret: '[DRUPAL_CONSUMER_SECRET]',
      scope: ['default'],
    }]
  ],
  druxt: {
    baseUrl: 'https://demo-api.druxtjs.org'
  },
}

Note: Replace [DRUPAL_CONSUMER_UUID] and [DRUPAL_CONSUMER_SECRET] with the details from the consumer created in the following step.

Drupal

Download, install and setup the Simple OAuth module.
Create a Consumer depending on your desired authorization strategy:
- Authorization Code grant:
  - New Secret: leave this empty
  - Is Confidential: unchecked
  - Use PKCE?: checked
  - Redirect URI: [FRONTEND_URL]/callback (e.g., http://localhost:3000/callback)
- Password grant:
  - New Secret: provide a secure secret
  - Is Confidential: checked
  - Redirect URI: [FRONTEND_URL]/callback (e.g., http://localhost:3000/callback)

Usage

The DruxtAuth module installs and configures the nuxt/auth module for your Druxt site.

It adds two auth strategies that can be used via the $auth plugin:

drupal-authorization_code

this.$nuxt.$auth.loginWith('drupal-authorization_code')

drupal-password

this.$nuxt.$auth.loginWith('drupal-password', {
  data: {
    username: '',
    password: ''
  }
})

Note: Nuxt must be running in SSR mode for password grant, and client secret must be set.

See the nuxt/auth documentation form more details: https://auth.nuxtjs.org/api/auth

Options

Option	Type	Required	Default	Description
`clientId`	`string`	Yes	`undefined`	The Drupal Consumer UUID
`clientSecret`	`string`	No	`undefined`	The Drupal Consumer API secret. Required for Password grant.
`scope`	`array`	No	`undefined`	The OAuth Scopes to be used for the Drupal Consumer.

druxt-auth's People

Contributors

Stargazers

Watchers

druxt-auth's Issues

Add CI

Is your feature request related to a problem? Please describe.
As a project maintainer I need CI so I can maintain the project

Describe the solution you'd like

Add CI from module-tempalte

Describe alternatives you've considered
N/A

Additional context
N/A

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Repository problems

These problems occurred while renovating this repository. View logs.

WARN: Using npm packages for Renovate presets is now deprecated. Please migrate to repository-based presets instead.

Rate-Limited

These updates are currently rate-limited. Click on a checkbox below to force their creation now.

chore(deps): update actions/setup-node action to v4
chore(deps): update codecov/codecov-action action to v4
chore(deps): update dependency node to v20
chore(deps): update dependency nuxt to v3
chore(deps): update devdependency eslint to v9
chore(deps): update devdependency jest-junit to v16
chore(deps): update github/codeql-action action to v3
🔐 Create all rate-limited PRs at once 🔐

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

Detected dependencies

composer

example/drupal/composer.json

composer/installers 2.2.0

drupal/core-composer-scaffold 9.5.10

drupal/core-project-message 9.5.10

drupal/core-recommended 9.5.10

drupal/druxt 1.2.0

drupal/simple_oauth ^5.2.3

drush/drush 11.6.0

vlucas/phpdotenv ^5.5.0

drupal/core-dev 9.5.10

docker-compose

example/drupal/.ddev/docker-compose.env.yaml

example/drupal/.ddev/docker-compose.network-mtu.yaml

dockerfile

.gitpod/Dockerfile

github-actions

.github/workflows/ci.yml

actions/checkout v3

actions/setup-node v3

codecov/codecov-action v3.1.4

.github/workflows/codeql-analysis.yml

actions/checkout v3

github/codeql-action v2

github/codeql-action v2

github/codeql-action v2

npm

example/nuxt/package.json

core-js 3.32.0

dotenv ^16.3.1

druxt ^0.23.0

nuxt 2.17.1

package.json

@nuxtjs/auth-next ^5.0.0-1667386184.dfbbb54

@babel/core 7.22.9

@babel/preset-env 7.22.9

@changesets/cli ^2.26.2

@vue/test-utils 1.3.6

babel-core 7.0.0-bridge.0

druxt 0.23.0

esbuild-jest 0.5.0

eslint 8.45.0

eslint-plugin-nuxt 3.2.0

jest 27.5.1

jest-junit ^14.0.1

siroc 0.16.0

vue-jest 3.0.7

vue-template-compiler ^2.7.14

axios ^0.27.2

body-parser ^1.20.2

nvm

.nvmrc

node v16.20.1

example/nuxt/.nvmrc

node 16.20.1

Check this box to trigger a request for Renovate to run again on this repository

Add example Drupal backend and Nuxt frontend

Is your feature request related to a problem? Please describe.
As a user I want an example that has both a Drupal backend and a Nuxt frontend so I can see how this module is supposed to work.

Describe the solution you'd like

Move Nuxt to example/nuxt
Add Drupal to example/drupal
Add Simple OAuth
Setup Druxt Auth
Setup Gitpod configuration (OAuth callback needs to change for the domain)
Add documentation

Describe alternatives you've considered
N/A

Additional context

Add proxy support for userinfo

Is your feature request related to a problem? Please describe.
On some GitPod instances I am experiencing a CORs issue after the token is authorized, when userinfo is accessed.

Adding Proxy support for that endpoint appears to resolve the issue.

Describe the solution you'd like

Add Proxy support for the /oauth/userinfo endpoint.

Describe alternatives you've considered
N/A

Additional context
N/A

Missing scope parameter / Support for Simple OAuth2 6.x Drupal module

Describe the bug
When using DruxtAuth with the Simple OAuth2 6.x Drupal module you get the following error:

{
error: "invalid_request",
error_description: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.",
hint: "Check the `scope` parameter",
message: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed."
}

The issue is caused by DruxtAuth having no support or means to send scope settings.

To Reproduce
Steps to reproduce the behavior:

Setup DruxtAuth <-> Simple Oauth2 6.x site
...
See error

Expected behavior
Have the ability to configure the scopes to be used alongside the existing Druxt Auth config.

Media
N/A

Your Environment (please complete the following information):
N/A

Additional context
N/A

Add support for Password grant

Is your feature request related to a problem? Please describe.
As a user I want to implement password based authentication without being redirected to the Drupal backend.

Describe the solution you'd like

Add support for password flow

Describe alternatives you've considered
N/A

Additional context
N/A

Add default user login page / component

Is your feature request related to a problem? Please describe.
As a user I want to click on a "login" link provided by the Drupal account menu and have a login experience.

Describe the solution you'd like

Add default user/login route
Add DruxtAuthLogin component / page / block

Describe alternatives you've considered

Add a Route resolver to the Drupal Druxt or Decoupled Router module

Additional context

https://github.com/druxt/quickstart-druxt-site/blob/develop/nuxt/pages/user/login.vue

Proof of concept

Is your feature request related to a problem? Please describe.
As a user I want an easy way to enable authentication on a DruxtSite.

Describe the solution you'd like

Describe alternatives you've considered
N/A

Additional context
N/A

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.