Authentication

Louise Davies edited this page May 22, 2019 · 6 revisions

Authorisation of the parent application is handled by creating a new authentication provider that extends src/authentication/baseAuthProvider. The parent app must also be modified to recognise the new provider: edit handleAuthProviderUpdate in daaas.reducer so that it recognises a value for auth-provider in settings.json that matches your new auth provider.

BaseAuthProvider

This class provides some default methods, e.g. for managing the storing of tokens, which can be overridden if need be but are fine left as they are. The main methods a new auth provider needs to implement are the login method, which accepts a username and password and returns a Promise that resolves on successful login and rejects on unsuccessful login, and the verifyLogin method, which checks that the token is still valid and similarly returns a Promise that resolves for a valid token and rejects for an invalid one.

There is a LoadingAuthProvider, which is used only while the app is loading and rejects all login attempts, and a TestAuthProvider, which is used for testing purposes. The actual example auth providers are jwt and github.

Tokens

Tokens are currently stored in local storage under daaas:token. We want to change this to be stored as a cookie instead.
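The login/verifyLogin contract from the BaseAuthProvider section, with the token kept under daaas:token, as an added sketch that is not the project's own code. BaseAuthProviderSketch, ExampleAuthProvider, the injected backend object and the in-memory storage are all hypothetical stand-ins (the real base class may differ), and the credentials and token are constructed values.

```javascript
// Stand-in for src/authentication/baseAuthProvider; hypothetical, the real class may differ.
class BaseAuthProviderSketch {
  constructor(storage) { this.storage = storage; this.tokenKey = 'daaas:token'; } // key named on this page
  storeToken(token) { this.storage.setItem(this.tokenKey, token); }
  readToken() { return this.storage.getItem(this.tokenKey); }
  clearToken() { this.storage.removeItem(this.tokenKey); }
}
// Hypothetical provider; `backend` is an assumed object whose login() and verify() return Promises.
class ExampleAuthProvider extends BaseAuthProviderSketch {
  constructor(storage, backend) { super(storage); this.backend = backend; }
  login(username, password) {
    return this.backend.login(username, password)
      .then((token) => { this.storeToken(token); })
      .catch((err) => { this.clearToken(); throw err; }); // no stale token after a failed login
  }
  verifyLogin() {
    const token = this.readToken();
    if (token === null) return Promise.reject(new Error('no token stored'));
    return this.backend.verify(token)
      .catch((err) => { this.clearToken(); throw err; }); // fail closed: drop a rejected token
  }
}
// Constructed test doubles so the example runs offline under Node.
function makeMemoryStorage() {
  const m = new Map();
  return { getItem: (k) => (m.has(k) ? m.get(k) : null),
    setItem: (k, v) => void m.set(k, String(v)), removeItem: (k) => void m.delete(k) };
}
function makeFakeBackend() {
  const state = { revoked: false };
  return {
    state,
    login: (u, p) => (u === 'alice' && p === 'constructed-password'
      ? Promise.resolve('constructed-token') : Promise.reject(new Error('bad credentials'))),
    verify: (t) => (t === 'constructed-token' && !state.revoked
      ? Promise.resolve() : Promise.reject(new Error('invalid token'))),
  };
}
const settle = (p) => p.then(() => 'resolved', () => 'rejected');
async function runDemo() {
  const storage = makeMemoryStorage(), backend = makeFakeBackend();
  const provider = new ExampleAuthProvider(storage, backend);
  const badLogin = await settle(provider.login('alice', 'wrong'));
  const goodLogin = await settle(provider.login('alice', 'constructed-password'));
  const verified = await settle(provider.verifyLogin());
  backend.state.revoked = true; // token invalidated on the server side
  const afterRevoke = await settle(provider.verifyLogin());
  return { badLogin, goodLogin, verified, afterRevoke, tokenLeft: storage.getItem('daaas:token') };
}
runDemo().then((out) => console.log(out));
```

Because verifyLogin removes the stored token when the backend rejects it, a revoked or expired token does not linger in storage for later checks to find.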

Authentication server

To authenticate, the authorisation server needs to be run alongside the parent application. The npm run command currently does this automatically; otherwise you need to serve /server/auth-server.js.
