Skip to content

Latest commit

 

History

History
146 lines (120 loc) · 3.99 KB

strategy.md

File metadata and controls

146 lines (120 loc) · 3.99 KB

Strategy

In Nebular terms Auth Strategy is a class containing authentication logic specific for some authentication flow (email/password, OAuth2, etc). It accepts user input (login/email/password/token/etc), communicates the input to the backend API and finally provides the resulting output back to the Auth UI layer. Currently, there are two Auth Strategies available out of the box:

  • NbDummyAuthStrategy - a simple strategy for testing purposes, could be used to simulate backend responses while API is in the development;
  • NbPasswordAuthStrategy - the most common email/password authentication strategy.

Each Strategy has a list of configurations available with the default values set. But you can adjust the settings based on your requirements.

Configure a strategy

As an example, let's configure API endpoints for the NbPasswordAuthStrategy. The strategy is configured by default, please take a look at the default configuration values if you need any custom behavior. We assume you already have the Auth module installed inside of your *.module.ts:

@NgModule({
  imports: [
   // ...
    
   NbAuthModule.forRoot({
         strategies: [
           NbPasswordAuthStrategy.setup({
             name: 'email',
           }),
         ],
         forms: {},
       }), 
  ],
});

email here is an alias we've assigned to the strategy so that we can dynamically mention it later. This also allows us to configure multiple strategies with various configurations in one app.

Setup API configuration

Now, let's add API endpoints. According to the NbPasswordAuthStrategy documentation, we have baseEndpoint setting, and also an endpoint setting for each function (login/register/etc):

@NgModule({
  imports: [
   // ...
    
   NbAuthModule.forRoot({
         strategies: [
           NbPasswordAuthStrategy.setup({
             name: 'email',
            
             baseEndpoint: '',
              login: {
                // ...
                endpoint: '/api/auth/login',
              },
              register: {
                // ...
                endpoint: '/api/auth/register',
              },
           }),
         ],
         forms: {},
       }), 
  ],
});

Let's assume that our API is located on a separate server http://example.com/app-api/v1 and change the baseEndpoint accordingly:

{
 // ...
 baseEndpoint: 'http://example.com/app-api/v1',
 // ...
}

And configure the endpoints, considering that the final endpoint will consist of baseEndpoint + method.endpoint:

{
  baseEndpoint: 'http://example.com/app-api/v1',
  login: {
    endpoint: '/auth/sign-in',
  },
  register: {
    endpoint: '/auth/sign-up',
  },
  logout: {
    endpoint: '/auth/sign-out',
  },
  requestPass: {
    endpoint: '/auth/request-pass',
  },
  resetPass: {
    endpoint: '/auth/reset-pass',
  },
}

Finally, let's presume that unlike in the default strategy settings, our API accepts only HTTP POST, so let's fix that too:

{
  baseEndpoint: 'http://example.com/app-api/v1',
  login: {
    endpoint: '/auth/sign-in',
    method: 'post',
  },
  register: {
    endpoint: '/auth/sign-up',
    method: 'post',
  },
  logout: {
    endpoint: '/auth/sign-out',
    method: 'post',
  },
  requestPass: {
    endpoint: '/auth/request-pass',
    method: 'post',
  },
  resetPass: {
    endpoint: '/auth/reset-pass',
    method: 'post',
  },
}
Note
No need to list all available configurations there. Your settings will be merged with default strategy settings accordingly.

Great! With these simple steps, you should have the authentication layer correctly configured against your API back-end.

Related Articles