passportjs

[rajatpandit]

hi - first off thank you for the amazing framework - it works very well. i wanted to know if there were some working examples of passportjs/facebook/with a store i can see the code works very well with generic koa git@github.com:wahyudibo/koa-passport-facebook-example.git

but i can't get it to work with reactql. also using koa-session on reactql just sets the session in the encrypted cookie making it too big for the browser to reject it

any code snippets, working examples etc would be very much appreciated

[leebenson]

Everyone's asking about auth lately :smile:

See https://github.com/reactql/kit/issues/58 and https://github.com/reactql/kit/issues/38

I'm working on authentication this week and should have some solid first-class support by next week, hopefully. Will keep you posted.

[wmhafiz]

any update on Authentication? Will it support Social Login such as Facebook and Google login?

[leebenson]

I've been working on auth this week, and I'm hoping to have a working app in the examples repo by the end of the weekend.

This first version will likely be just e-mail/password auth (it uses Sequelize and an in-memory SQLite DB, along with a custom handler for JWT tokens).

Once it's up, I'll likely augment that with custom routes (which can now be defined in userland, as of 2.0) to handle Passport.js (or similar) endpoints for social media logins.

How this is handled is a matter of preference; some developers prefer to use the JWT token from a social media as an 'implicit' login that represents a separate user. Others prefer to design a system so that, say, Facebook's e-mail address is synced with an existing e-mail in the system, and/or a new user is created based off of it. It'll probably be the latter paradigm that's used in this sample app, so there's one canonical source of 'users' and then a series of external JWTs / IDs that can be related to the user record when logging in socially. In other words - if the user doesn't exist when you first login via FB or Google, it'll be created implicitly; if a user logs again, it'll re-use that same user profile.

New in 2.4 is the ability to add custom middleware, and new handling of Apollo client and store creation -- instead of being local to the createReactHandler() function, an Apollo instance and a store is attached to Koa's ctx object, which allows store state to be accessed (and Redux actions fired), outside of React. This is an important piece of the puzzle for allowing Passport.js endpoints to feed back into the common app state that's passed back to the client.

There are a few issues I need to work out over the weekend, then I'll release.

[gihrig]

a system so that, say, Facebook's e-mail address is synced with an existing e-mail in the system, and/or a new user is created based off of it

I have struggled to sync up social/O-auth logins with local user/password accounts. Having this ability in ReactQL would be Awesome! ✨ 💖 ✨

[leebenson]

See https://github.com/reactql/kit/issues/38#issuecomment-325102058 for an update for local JWT auth.

This will shortly be extended to allow for social logins.

[leebenson]

Auth has been released! -> https://github.com/reactql/examples/tree/master/auth

Video explainer on YT -> https://youtu.be/s1p4R4rzWUs

This first version uses email/password auth against an in-memory SQLite DB. It sets all up the GraphQL types, DB tables, fixtures, middleware and JWT handling.

I'll augment this example shortly with Passport.js (or similar) handling for social logins, so external OAuth can also feed back into this same system.

Will keep this thread open until that's done. In the meantime, would welcome your questions and comments.

[leebenson]

Passport.js has been integrated, with a Facebook example ->

https://github.com/reactql/examples/tree/master/auth

Video commentary to follow later.

[wmhafiz]

This is great! Cant wait for the followup video. 👍

[dougajmcdonald]

@leebenson the link at the bottom of this post has moved to here I think.

https://github.com/reactql/example-auth