Skip to content
Feathers REST and Websocket authentication using JSON Web Tokens (JWT) with PassportJS.
JavaScript HTML
Latest commit f25dcde @ekryski ekryski Merge pull request #106 from ahdinosaur/fix-primus-connected
primus client connect event is 'open'

README.md

feathers-authentication

Build Status

Add Authentication to your FeathersJS app.

feathers-authentication adds shared PassportJS authentication for Feathers HTTP REST and WebSockets services using JSON Web Tokens.

Installation

npm install feathers-authentication --save

Documentation

Please refer to the Authentication documentation for more details:

Complete Example

Here's an example of a Feathers server that uses feathers-authentication for local auth. It includes a users service that uses feathers-mongoose. Note that it does NOT implement any authorization.

import feathers from 'feathers';
import hooks from 'feathers-hooks';
import bodyParser from 'body-parser';
import authentication from 'feathers-authentication';
import { hooks as authHooks } from 'feathers-authentication';
import mongoose from 'mongoose';
import service from 'feathers-mongoose';

const port = 3030;
const Schema = mongoose.Schema;
const UserSchema = new Schema({
  email: {type: String, required: true, unique: true},
  password: {type: String, required: true },
  createdAt: {type: Date, 'default': Date.now},
  updatedAt: {type: Date, 'default': Date.now}
});
let UserModel = mongoose.model('User', UserSchema);

mongoose.Promise = global.Promise;
mongoose.connect('mongodb://localhost:27017/feathers');

let app = feathers()
  .configure(feathers.rest())
  .configure(feathers.socketio())
  .configure(hooks())
  .use(bodyParser.json())
  .use(bodyParser.urlencoded({ extended: true }))
  // Configure feathers-authentication
  .configure(authentication());

app.use('/users', new service('user', {Model: UserModel}))

let userService = app.service('users');
userService.before({
  create: [authHooks.hashPassword('password')]
});

let server = app.listen(port);
server.on('listening', function() {
  console.log(`Feathers application started on localhost:${port}`);
});

Client use

You can use the client in the Browser, in NodeJS and in React Native.

import io from 'socket.io-client';
import feathers from 'feathers/client';
import hooks from 'feathers-hooks';
import socketio from 'feathers-socketio/client';
import localstorage from 'feathers-localstorage';
import authentication from 'feathers-authentication/client';

const socket = io('http://localhost:3030/');
const app = feathers()
  .configure(socketio(socket)) // you could use Primus or REST instead
  .configure(hooks())
  .configure(authentication({ storage: window.localStorage }));

app.authenticate({
  type: 'local',
  'email': 'admin@feathersjs.com',
  'password': 'admin'
}).then(function(result){
  console.log('Authenticated!', result);
}).catch(function(error){
  console.error('Error authenticating!', error);
});

Changelog

0.5.0

  • Removing app.user and app.token
  • Removing dependency on feathers-localstorage
  • Abstracting socket connect and disconnect events so developers don't need to do it and the interface is the same between REST and sockets.
  • Adding more tests
  • Cleaning up the example

0.4.0

  • Customize the JWT payload (#78)
  • Using feathers-localstorage for storing user and token credentials.
  • Adds support for using auth in NodeJS and React Native
  • Fixes issue where user was not getting added to response on authentication for databases that use _id as their field name.
  • adds better client side error handling

0.3.1

  • Fix toLowerCase hook (#74)

0.2.2

  • Fix customization of the tokenEndpoint (#57)

0.2.1

  • fixing passing custom local options. (#55)

0.2.0

  • Migrating existing code to use services
  • Standardizing on a hook spec
  • Adds support for authenticating with socketio and primus (#32)
  • Only signs the JWT with user id (#38)
  • Locks down socket authentication (#33)
  • Continues the work @marshallswain did on handling expired tokens (#25)
  • Adds a bunch more tests.
  • Adds support for OAuth2 (#43)
  • Adds a client side component for easy authentication with Feathers (#44)
  • Adds preliminary support for graceful fallback to cookies for JWT (#45)
  • Adds an example project showing all the different ways you can authenticate

0.1.0

  • Adding local authentication
  • Adding bundled hooks

0.0.5

  • Initial release

License

Copyright (c) 2015

Licensed under the MIT license.

Something went wrong with that request. Please try again.