AdonisJs Auth 🔒

Fully blown authentication provider for Adonis framework

Adonisjs auth is an authentication provider to add authentication layer to your apps.

What's in the box?

1. Support for multiple authentication schemes like Jwt, Sessions, Basic auth and Personal API tokens.
2. Support for Lucid and Database serializer.
3. Easy to extend API to add your own serializers and schemes.
4. Runtime middleware.

Installation

You can install the package from npm.

adonis install @adonisjs/auth

Make sure to read instructions.md file.

Node/OS Target

This repo/branch is supposed to run fine on all major OS platforms and targets Node.js >=7.0

Development

Great! If you are planning to contribute to the framework, make sure to adhere to following conventions, since a consistent code-base is always joy to work with.

Run the following command to see list of available npm scripts.

npm run

Tests & Linting

1. Lint your code using standardJs. Run npm run lint command to check if there are any linting errors.
2. Make sure you write tests for all the changes/bug fixes.
3. Also you can write regression tests, which shows that something is failing but doesn't breaks the build. Which is actually a nice way to show that something fails. Regression tests are written using test.failing() method.
4. Make sure all the tests are passing on travis and appveyor.

General Practices

Since Es6 is in, you should strive to use latest features. For example:

1. Use Spread over arguments keyword.
2. Never use bind or call. After calling these methods, we cannot guarantee the scope of any methods and in AdonisJs codebase we do not override the methods scope.
3. Make sure to write proper docblock.

Issues & PR

It is always helpful if we try to follow certain practices when creating issues or PR's, since it will save everyone's time.

1. Always try creating regression tests when you find a bug (if possible).
2. Share some context on what you are trying to do, with enough code to reproduce the issue.
3. For general questions, please create a forum thread.
4. When creating a PR for a feature, make sure to create a parallel PR for docs too.

Regression Tests

Regression tests are tests, which shows how a piece of code fails under certain circumstance, but the beauty is even after the failure, the test suite will never fail. Actually is a nice way to notify about bugs, but making sure everything is green.

The regression tests are created using

test.failing('2 + 2 is always 4, but add method returns 6', (assert) => {
 assert.true(add(2, 2), 4)
})

Now since the add method has a bug, it will return 6 instead of 4. But the build will pass.

3.0.5 (2018-03-30)

Features

• apischeme: allow clientLogin to accept user instance (97ba27d)

3.0.4 (2018-03-18)

3.0.3 (2018-03-16)

Bug Fixes

• databaseSerializer: fix serializer after knex upgrade (d88d2a8)
• package: add comma (b9a456f)
• provider: use correct namespace for WsContext (d28698c)

Features

• basicauth: allow basic auth string via request body (0466ed8)
• middleware: add methods on middleware to be used with Websocket (1afb942)

3.0.2 (2018-02-16)

Bug Fixes

• instructions: do not log errors (793bc62)

3.0.1 (2018-02-07)

Bug Fixes

• serializer: db serializer use columnize method (8c22f97)

3.0.0 (2018-01-31)

Bug Fixes

• auth: authorization header bearer is not case insensitive (2c5ab9e)
• config: remove deprecated self call (#90) (30fd632)

Features

• jwt,api: add revokeToken(s) method (5e5757d)

2.0.11 (2018-01-12)

Bug Fixes

• auth middleware: main instance of auth should point the valid user (c0a0138)
• auth middleware: use default scheme in case of no runtime scheme (54a5de1)
• exceptions: exceptions should use fields names of current authenticator (9e53837), closes #75
• tokenschema: generated tokens are bigger after encryption (f85a4d2), closes #77

Features

• jwt: add login() method to jwt scheme (#72) (0466109)

2.0.10 (2017-10-31)

Bug Fixes

• view.auth: share auth user with view from middleware (3b4b081)

2.0.9 (2017-10-31)

Bug Fixes

• vow:trait: throw exception when session trait is before auth (cb462e2)

2.0.8 (2017-10-29)

Bug Fixes

• package: update basic-auth to version 2.0.0 (#59) (244839b)

Features

• auth: add loggedIn tag and share auth with view (3382c8e)

2.0.7 (2017-10-03)

Bug Fixes

• middleware: handle case when middleware scheme is not an array (5364f40), closes #61
• package: update debug to version 3.0.0 (#54) (ef300bf)
• package: update jsonwebtoken to version 8.0.0 (#57) (8c4497b)

2.0.6 (2017-09-06)

Bug Fixes

• config: add table column and api config (d038205)

Features

• client: add auth client for vow (e18b02e)
• client: add clientLogin method on api scheme (b6e3767)

2.0.5 (2017-08-22)

2.0.4 (2017-08-22)

Bug Fixes

• jwt: jwt remove password when attaching user (542d331)

Features

• jwt,api: add listTokens method (1932449)
• tokens: encrypt api and jwt refresh tokens (57d5650)

2.0.3 (2017-08-16)

Features

• middleware: add auth middleware (50e7346)
• schemes: add api tokens scheme (b4c98d7)

2.0.2 (2017-08-08)

Bug Fixes

• test: add dummy provider for Exceptions (f308199)

Features

• exceptions: add handlers for exceptions (70ac097)
• schemes: expose base scheme and few config properties (60b9e18)

2.0.1 (2017-08-05)

Bug Fixes

• fix typo errors (4a600d3)

2.0.0 (2017-08-04)

Bug Fixes

• auth: get cookie expiry as a date (5bb56b8)
• package: update ms to version 1.0.0 (#37) (87fd5a9)

Features

• auth: add auth class (23b749e)
• exceptions: use generic-exceptions module (c7026f5)
• instructions: added instructions files (23d4532)
• jwt: add jwt scheme (be074d6)
• manager: add auth manager (9132fb9)
• middleware: add authinit middleware (b255540)
• provider: add provider (4ff5650)
• scheme: implement basic auth scheme (2a39cf2)
• scheme: implement session scheme (e2be7d3)
• serializer: add methods to support tokens (7c4c28d)
• serializer: implement database serializer (533a2fb)
• session: add loginIfCan method (bdc0274)

Reverts

• provider: do not register middleware (d203a97)

1.0.7 (2017-03-27)

Bug Fixes

• middleware: use request.viewInstance over view global (00d4c20)

1.0.6 (2017-02-17)

Bug Fixes

• middleware: use authenticator instance for check and getUser (c4493e7), closes #32

1.0.5 (2016-12-12)

Bug Fixes

• api:tokens: fix revokeTokens (c012936), closes #24
• command: fix typo (#26) (3409fd2), closes #26

Features

• basic: add support for query string (a177aa3)
• jwt: add option for passing custom payload (2e413fe), closes #14
• schemes:jwt: add custom jwt payload functionality (a542fc4)
• socket: add method to support websocket (43f0126)

1.0.4 (2016-09-26)

Features

• jwt: add validate and attempt methods (46b8bb7), closes #18

1.0.3 (2016-09-13)

Bug Fixes

• migrations keep exports and class name same

1.0.2 (2016-08-26)

• Update adonis-fold as peer dependency

1.0.1 (2016-08-26)

• Update adonis-fold

1.0.0 (2016-06-26)

Bug Fixes

• case: the folder name should be lowercase(3bfb241)
• middleware:authinit: inject view when binding to IoC container(56de662)
• middleware:authinit: make sure currentUser is accessible to all views and requests(3065580)
• package: remove adonis-fold old dependency and fix package name(b59f754)
• serializer:database: fix typo errors(6fb2b9f)

Features

• authenticator:api: add api authenticator(3c9438d)
• authenticator:basicAuth: implement basic auth authenticator(6b92bea)
• authenticator:jwt: implement jwt authenticator(7044e93)
• authenticator:session: implement session authenticator and it's tests(ac0cd62)
• authmanager: bind auth manager to the Ioc container(53990e7)
• commands: add command to create migrations and models(eda99f1)
• commands: add command to create migrations and models(ba80fe1)
• middleware: add required middleware(831a803)
• package: add coveralls hook(1e53c45)
• serializer: add Lucid serializer(8c53318)
• serializer: initiate Database serializer(eadb70d)
• serializer:database: add database serializer(6d9313e)
• serializer:lucid: add methods to retrieve tokens(908d8dc)
• util: add support for date diff(a489109)