{"id":13554584,"url":"https://github.com/SteveMcArthur/docpad-plugin-authentication","last_synced_at":"2025-04-03T07:31:57.317Z","repository":{"id":27890900,"uuid":"31382400","full_name":"SteveMcArthur/docpad-plugin-authentication","owner":"SteveMcArthur","description":"Handles authentication and login functionality via social login for your docpad application. Protects pages from unauthenticated users. Uses the node module social-login (https://github.com/26medias/social-login) to standardise the configuration interface to the various login strategies and handle routing and redirection.","archived":false,"fork":false,"pushed_at":"2017-01-11T14:06:15.000Z","size":711,"stargazers_count":4,"open_issues_count":1,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-08T09:17:20.844Z","etag":null,"topics":["authentication","docpad","javascript","login-strategies","membership","plugin","social-login"],"latest_commit_sha":null,"homepage":"http://login-stevehome.rhcloud.com","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SteveMcArthur.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-02-26T18:38:44.000Z","updated_at":"2019-07-18T16:45:48.000Z","dependencies_parsed_at":"2022-09-01T21:50:55.414Z","dependency_job_id":null,"html_url":"https://github.com/SteveMcArthur/docpad-plugin-authentication","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SteveMcArthur%2Fdocpad-plugin-authentication","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SteveMcArthur%2Fdocpad-plugin-authentication/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SteveMcArthur%2Fdocpad-plugin-authentication/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SteveMcArthur%2Fdocpad-plugin-authentication/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SteveMcArthur","download_url":"https://codeload.github.com/SteveMcArthur/docpad-plugin-authentication/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246956577,"owners_count":20860464,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","docpad","javascript","login-strategies","membership","plugin","social-login"],"created_at":"2024-08-01T12:02:50.773Z","updated_at":"2025-04-03T07:31:56.862Z","avatar_url":"https://github.com/SteveMcArthur.png","language":"JavaScript","funding_links":[],"categories":["JavaScript","javascript"],"sub_categories":[],"readme":"# Authentication Plugin for [DocPad](http://docpad.org)\n\n[![Build Status](https://img.shields.io/travis/SteveMcArthur/docpad-plugin-authentication/master.svg)](https://travis-ci.org/SteveMcArthur/docpad-plugin-authentication \"Check this project's build status on TravisCI\")\n[![NPM version](https://img.shields.io/npm/v/docpad-plugin-authentication.svg)](https://www.npmjs.com/package/docpad-plugin-authentication \"View this project on NPM\")\n[![NPM downloads](https://img.shields.io/npm/dm/docpad-plugin-authentication.svg)](https://www.npmjs.com/package/docpad-plugin-authentication \"View this project on NPM\")\n\nHandles authentication and login functionality via social login for your docpad application. Protects pages from unauthenticated users. Uses the node module [social-login](https://github.com/26medias/social-login) to standardise the configuration interface to the various login strategies and handle routing and redirection.\n\n## Support\nThe following services are supported:\n\n* facebook\n* twitter\n* google\n* github\n\n\n## Install\n\n### Install the Plugin\n\n```\ndocpad install authentication\n```\nor\n```\nnpm install docpad-plugin-authentication --save\n```\n\n## Configure\n\nExample configurations for facebook, twitter, google and gihub in the [docpad configuration file](https://docpad.org/docs/config):\n\n``` coffee\n \n plugins:\n authentication:\n #list of urls that will be protected by authentication \n protectedUrls: ['/admin/*','/analytics/*','/super-secret-url/*']\n \n ###\n Enable this if you get the `passport.initialize() middleware not in use` error.\n This is caused when another plugin is loaded before the authentication plugin and is\n applying routes before the authentication routes can be applied. This config option\n forces the plugin to manually create the HTTP server and apply the authentication\n routes before any other plugin.\n ###\n forceServerCreation: false\n \n ###\n If you want your app to be able to retrieve a list of users from the membership list\n then you will need to supply a method to this config option - unless you just rely\n on the default simple membership which populates this method automatically.\n ###\n getUsers: () -\u003e\n #do something to get a list of users\n \n ###\n configuration parameters for the various authentication\n strategies. You will normally need to create an application\n via the various services developer consoles to get a the\n appropriate clientIDs and clientSecrets (sometimes called things\n like consumer key/secrets or API key/secrets). Recommended that you\n store these values in an environment file (https://docpad.org/docs/config)\n and added to your .gitignore file\n ###\n strategies:\n facebook:\n settings:\n #if you use a .env file to store the clientID and clientSecret\n #don't wrap them in quotes as that will be counted as extra characters\n clientID: process.env.facebook_clientID\n clientSecret: process.env.facebook_clientSecret\n authParameters: scope: 'read_stream,manage_pages'\n url:\n auth: '/auth/facebook'\n callback: '/auth/facebook/callback'\n success: '/'\n fail: '/login'\n twitter:\n settings:\n clientID: process.env.twitter_clientID\n clientSecret: process.env.twitter_clientSecret\n url:\n auth: '/auth/twitter'\n callback: '/auth/twitter/callback'\n success: '/'\n fail: '/login'\n google:\n settings:\n clientID: process.env.google_clientID\n clientSecret: process.env.google_clientSecret\n authParameters: scope: ['https://www.googleapis.com/auth/userinfo.profile','https://www.googleapis.com/auth/userinfo.email']\n url:\n auth: '/auth/google'\n callback: '/auth/google/callback'\n success: '/'\n fail: '/login'\n github:\n settings:\n clientID: process.env.github_clientID\n clientSecret: process.env.github_clientSecret\n url:\n auth: '/auth/github'\n callback: '/auth/github/callback'\n success: '/'\n fail: '/login'\n \n environments:\n development:\n templateData:\n site:\n url: \"http://127.0.0.1:9778\"\n \n plugins:\n authentication:\n strategies:\n github:\n settings:\n #set development ids in env file\n clientID: process.env.github_devclientID\n clientSecret: process.env.github_devclientSecret\n \n\n```\nNote: You don't need to configure a logout URL unless you want to use a URL other than `/logout`.\n\n\n## Membership\nThe plugin now has a simple membership system built in (since version 2.4.0). This is based on saving a list of users to an external JSON file. No extra configuration is required to use this membership as it is turned on by default. To override it you need only to supply a `findOrCreate` method to the plugin configuration and then implement your own methods for finding, creating and saving users.\n\n\n**Please note**\n\nMuch of the correct functioning of this plugin depends on the correct configuration on the side of the various services developer consoles. In particular, pay attention to URLs. Some services do not work well with localhost/127.0.0.1. I couldn't get facebook to work on localhost. Make sure the domain of your login button is on the same domain that the service returns you to. Seems obvious, but in testing I had a login page on 127.0.0.1 and the service was returning me to localhost. You will lose your session if you do that - and it may not be obvious why.\n\n**How to work out if it is your setup causing problems or your configuration of a particular service**\n\nUse github to test your own application, even if you don't intend to use github as your login service. If login works with github but not another service, chances are that the problem is with your configuration of the particular service that is failing. Some services are more difficult to configure correctly than others, but github seems to be the easiest. Also check the url returned by a failing service. Often there is information in the response header or query parameters returned by the service.\n\n**Don't test in development mode with live reload**\n\nTo write out any information, such as username, that is returned from the login, you will need to mark the page as dynamic (and install the [clean urls plugin](https://www.npmjs.com/package/docpad-plugin-cleanurls)). However, this seems to cause a problem when in development mode and the live reload. I don't think this is specific to this plugin, but it means you will end up in a loop of the page regenerating and reloading. It's best to just remove the [livereload plugin](https://www.npmjs.com/package/docpad-plugin-livereload). Delete it from the package.json file and the node_modules directory.\n\n**Plugin checks for configured authentication strategies**\n\nThe plugin now checks the configured authentication strategies all have a clientID and clientSecret. If not, these strategies are removed and a warning issued through the console. If no strategies are configured, a warning will be issued that no pages will be protected by authentication.\n\n## Example\n\nFor a working example using twitter, facebook, google and github, refer to the [My Authentication Website](http://login-stevehome.rhcloud.com)\n\n\n## License\n\nLicensed under the incredibly [permissive](http://en.wikipedia.org/wiki/Permissive_free_software_licence) [MIT license](http://creativecommons.org/licenses/MIT/)\n\nCopyright \u0026copy; 2015+ Steve McArthur \u003csteve@stevemcarthur.co.uk\u003e (http://www.stevemcarthur.co.uk)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSteveMcArthur%2Fdocpad-plugin-authentication","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FSteveMcArthur%2Fdocpad-plugin-authentication","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSteveMcArthur%2Fdocpad-plugin-authentication/lists"}