IMPORTANT NOTE: The CSS is picked from motley. If there are any UI changes to be made, please make them on motley.
Simply clone and -

```
npm install
git submodule init
git submodule update
npm run start:dev
```
If you want to run it with https, and run it on a proper domain (not 127.0.0.1), and enable Facebook/Twitter/Github logins, you'll need to take care of a few additional steps -
Please read the required steps in the wiki
oneauth is an OAuth2 server, that you can consume
A few terms to remember -
Term | Definition |
---|---|
auth token | A token, used in lieu of user+password credentials, to make API requests |
grant code | A code that can be exchanged for an auth token |
client id | Unique identifier for each client |
client secret | A secret key, to be used to exchange codes for tokens |
This will get you a grant code (that can be exchanged for an auth token). Redirect the user to the below URL on the frontend

```
GET
http://localhost:3838/oauth/authorize?
    response_type=code
    & client_id=9990781661
    & redirect_uri=http://hackerblocks.com/callback
```
Then from your backend get the auth token

```
POST
http://localhost:3838/oauth/token

{
    "client_id" : 9990781661,
    "redirect_uri" : "http://hackerblocks.com/callback",
    "client_secret" : "ZyTe3zCR67REHND7CHa9zH39NllvLWYULCedocZDLaCkSVTA7GGE1s1Hjrgkos09",
    "grant_type" : "authorization_code",
    "code" : "MyiLDqJwTpzEXqYOG1jNFCtjEzYHAR4U"
}
```
- Retrieve the bearer token from the response body
- Ensure you do not leak the client secret to the frontend
- Read the detailed step-by-step instructions in the wiki
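
The authorization-code flow above from a client application's side, as an added example (not oneauth's own code). The `ONEAUTH_CLIENT_SECRET` environment variable, the helper names and the `code` callback parameter are assumptions; the URLs and sample values are the ones used in this README.

```javascript
// Added example (not oneauth's own code). Requires Node 18+ for the global fetch.
const ONEAUTH = 'http://localhost:3838';           // server base URL used in the README
const client = {
  id: 9990781661,                                   // sample client id from the README
  redirectUri: 'http://hackerblocks.com/callback',  // sample redirect URI from the README
  // Assumption: secret comes from a hypothetical backend-only environment variable.
  secret: process.env.ONEAUTH_CLIENT_SECRET || 'constructed-placeholder-secret',
};

// Step 1 (frontend): redirect target. URLSearchParams percent-encodes redirect_uri.
function authorizeUrl(c) {
  const u = new URL('/oauth/authorize', ONEAUTH);
  u.search = new URLSearchParams({
    response_type: 'code', client_id: c.id, redirect_uri: c.redirectUri,
  }).toString();
  return u.toString();
}

// Callback (backend): accept a grant code only on the registered redirect URI.
// Assumption: the code arrives in a `code` query parameter.
function codeFromCallback(callbackUrl, c) {
  const got = new URL(callbackUrl);
  const want = new URL(c.redirectUri);
  if (got.origin !== want.origin || got.pathname !== want.pathname) {
    throw new Error('callback does not match registered redirect_uri');
  }
  const code = got.searchParams.get('code');
  if (!code) throw new Error('no grant code in callback');
  return code;
}

// Step 2 (backend only): the JSON POST from the README, built where the secret lives.
function tokenRequest(c, code) {
  const body = JSON.stringify({
    client_id: c.id, redirect_uri: c.redirectUri, client_secret: c.secret,
    grant_type: 'authorization_code', code,
  });
  const init = { method: 'POST', headers: { 'Content-Type': 'application/json' }, body };
  return { url: new URL('/oauth/token', ONEAUTH).toString(), init };
}

// Performs the exchange and returns the parsed response body that carries the token.
async function exchangeCode(c, code) {
  const { url, init } = tokenRequest(c, code);
  const res = await fetch(url, init);
  if (!res.ok) throw new Error(`token endpoint returned ${res.status}`);
  return res.json();
}
```

Only `authorizeUrl` belongs in code served to the browser; `tokenRequest` and `exchangeCode` run on the backend so the client secret never reaches the frontend.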
This will get you a bearer token straight away on the frontend

```
GET
http://localhost:3838/oauth/authorize?
    response_type=token
    & client_id=9990781661
    & redirect_uri=http://hackerblocks.com/callback
```

Retrieve the bearer token from the URL
oneauth is also an OAuth2 consumer, so users can link other accounts they have on Facebook/Twitter/Google etc
Existing user login
New user signup
User profile data of logged in user
User profile data (only public data) of any user
All clients created by currently logged in user
Details of the client (given the user who owns it is logged in)
Backup

```
sudo -u postgres pg_dump oneauthdb -f oneauthdb.sql
```

Restore

```
PGPASSWORD=******* psql -U oneauthadmin -h <dbhost> -p <dbport> -d oneauthdb < oneauthdb.sql
```

Drop All Tables (this prints all the drop commands)

```
select 'drop table if exists "' || tablename || '" cascade;'
from pg_tables
where schemaname = 'public';
```
This is built upon the insanely useful and easy-to-use OAuth2 libraries built by jaredhanson from auth0
- passport.js: The universal auth solution on Node.js
- oauth2orize: Simple OAuth2 provider middleware

We built this at @coding-blocks looking at a similar solution hasgeek has here - http://github.com/hasgeek/lastuser

We made our own, instead of using lastuser, because (a) the documentation was a little lacking on lastuser, and (b) we were more comfortable on a NodeJS+Postgres based stack.
You can support the project via BeerPay Buy us a beer !