![]() The aurelia-auth config file is compatible with the original Satellizer config file, easing the migration of AngularJs projects to Aurelia. The client secret is sensitive data and should be only available server side. Note that for OAuth the clientId is non sensitive. Since this file is available via the browser, it should never contain sensitive data. Add an aurelia-auth security configuration fileĪdd an javascript file to your project where you will store the aurelia-auth security configuration data. Authenticate is also used for linking a social media account to an existing account. Authenticate is for social media authentication. If you want to learn more about the framework itself check out my Aurelia getting started guide and my blog example. Well be going over some basic commands today. This is a command line tool that will help with bundling and scaffolding. Login is used for the local authentication strategy (email + password). Recently the Aurelia team release a tool called Aurelia-CLI. It's conceived as a simple service with following interface: login(email, password)Īuthenticate(provider, redirect, userData) Installation jspm install aurelia-authĪurelia-auth does not contain any UI widgets. Since aurelia-auth is an Aurelia plugin, we presume here you have your Aurelia project up and running. Obviously, the prerequisites ( NodeJs, Gulp) from Aurelia. The aurelia token will be sent automatically to your API when the user is authenticated. Other OAuth1 and Oauth2 than the above mentioned providers can be simply added by editing the extensible configuration file.īasically, aurelia-auth does not use any cookies but relies on a JWT (json web token) stored in the local storage of the browser:īoth local storage as well as session storage can be used (via the aurelia-auth security configuration file). simple username (email) and password.Īurelia-auth is a port of the great Satellizer library to ES6 and packaged as an Aurelia plugin. If you’re new to the fetch api I recommend this excellent blog post by David Walsh) with a baseurl.Sample app: Sources sample app: ( ) On NPM this module is also called aurelia-auth What is aurelia-auth?Īurelia-auth is a token-based authentication plugin for Aurelia with support for popular social authentication providers (Google, Twitter, Facebook, LinkedIn, Windows Live, FourSquare, Yahoo, Github, Instagram ) and a local strategy, i.e. The aurelia http fetch client (Aurelia recently introduced the aurelia-fetch-client as an alternative to the old aurelia-http-client , Simply export aĬlass with the same name as your view and aurelia will by convention understand that they belong together. Return ( 'content/articles')Īurelia supports ECMAscript 6 (and even 7) and that makes creating a view model class extremely straightforward. Var response = await client.GetStringAsync( " Private readonly string _spaceId = "SPACEID" Private readonly string _accesstoken = "ACCESSTOKENHERE" I decided to wrap all calls to the contentful API in a controller like this: public class ContentController : Controller This is a simple and flexible approach, but immediately begs the question How do we secure our content if we have different levels of authorization for our application? For starters you should probably never expose your authentication token directly to your end user unless you’re absolutely certain that all content you have should be publicly accessible. To be allowed access to the content you need to provide an access token with your request, either as a query string parameter or in the request header. You access it through simple GET requests and the response is delivered as JSON for content and as files for other content types (images, video etc.). It’s a fast read-only API that delivers content through a global CDN to minimize latency. ![]() This is the API responsible for delivering us our content from Contentful. As I mentioned in the previous post Contentful exposes their content through a couple of different APIs, the one we will be focusing on in this instance is the Content Delivery API. I’ve followed the development of theĪurelia framework closely, but never really had a chance to use it in production.Īs it’s almost ready for a release candidate I decided to switch to it and give it a try as well.īut first things first. I initially decided to write the app using angular, but then switched mid-building. As I’m an avid fan of the asp.net community standup the choice for backend technology was easy. I got so worked up about it that I decided that I needed to build something with it just to try In a previous blogpost i confessed my newfound love for Contentful.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |