{"id":17772588,"url":"https://github.com/jamesplease/backbone.simple-auth","last_synced_at":"2025-03-15T16:31:38.870Z","repository":{"id":26348032,"uuid":"29796924","full_name":"jamesplease/backbone.simple-auth","owner":"jamesplease","description":"A basic cookie-based client-side auth service for Backbone apps.","archived":false,"fork":false,"pushed_at":"2015-02-03T15:21:31.000Z","size":464,"stargazers_count":9,"open_issues_count":3,"forks_count":4,"subscribers_count":3,"default_branch":"master","last_synced_at":"2024-10-08T05:29:55.640Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jamesplease.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-01-25T00:17:49.000Z","updated_at":"2022-06-15T21:09:10.000Z","dependencies_parsed_at":"2022-09-15T03:53:34.542Z","dependency_job_id":null,"html_url":"https://github.com/jamesplease/backbone.simple-auth","commit_stats":null,"previous_names":["jmeas/backbone.simple-auth"],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jamesplease%2Fbackbone.simple-auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jamesplease%2Fbackbone.simple-auth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jamesplease%2Fbackbone.simple-auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jamesplease%2Fbackbone.simple-auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jamesplease","download_url":"https://codeload.github.com/jamesplease/backbone.simple-auth/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":221587195,"owners_count":16848054,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-26T21:39:54.802Z","updated_at":"2024-10-26T21:39:55.325Z","avatar_url":"https://github.com/jamesplease.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# backbone.simple-auth\n[![Travis build status](http://img.shields.io/travis/jmeas/backbone.simple-auth.svg?style=flat)](https://travis-ci.org/jmeas/backbone.simple-auth)\n[![Code Climate](https://codeclimate.com/github/jmeas/backbone.simple-auth/badges/gpa.svg)](https://codeclimate.com/github/jmeas/backbone.simple-auth)\n[![Test Coverage](https://codeclimate.com/github/jmeas/backbone.simple-auth/badges/coverage.svg)](https://codeclimate.com/github/jmeas/backbone.simple-auth)\n[![Dependency Status](https://david-dm.org/jmeas/backbone.simple-auth.svg)](https://david-dm.org/jmeas/backbone.simple-auth) \n[![devDependency Status](https://david-dm.org/jmeas/backbone.simple-auth/dev-status.svg)](https://david-dm.org/jmeas/backbone.simple-auth#info=devDependencies)\n\nA basic cookie-based client-side auth service for Backbone apps.\n\n### Motivation\n\nSome client-side apps need to send a token stored in a cookie along with each request to\nan API under the Authorization header. This library manages that for you.\n\nIt also provides a central location for your app to determine if the user is authenticated\nor not.\n\n### When should I use this library?\n\n- Your application stores authenticated user tokens in cookies\n- Your API follows the [Bearer Token spec](https://tools.ietf.org/html/rfc6750#section-2.1)\n  for the Authorization header. Github's API\n  [is an example](https://developer.github.com/v3/oauth/#use-the-access-token-to-access-the-api)\n  of an API that accepts this format.\n\n### Dependencies\n\nOther than Backbone (and `Backbone.$`), this library depends on\n[Cookies](https://github.com/ScottHamper/Cookies). Don't worry – it's only 1kb.\n\n### Basic Usage\n\nYour server should be configured to set the authentication token as a cookie. When that\nhappens, and your app loads...\n\n```js\n// Load up the module\nvar Auth = require('backbone.simple-auth');\n\n// Create a new instance of auth. If the cookie with the given\n// name exists, then `auth` will set the value of the `Authorization` HEADER\n// for future AJAX requests to be `Bearer COOKIE_VALUE`\nauth = new Auth({\n  cookieName: 'user-token'\n});\n\n// Returns true if the cookie exists\nauth.get('authenticated');\n\n// Get the token\nauth.get('token');\n\n// Destroy the cookie\nauth.logout();\n```\n\nThat's all there is to it.\n\n### Attributes\n\nAuth is a Backbone Model. As such, you can use the Model API when interacting with it.\nThere are three attributes on Auth:\n\n##### `cookieName`\n\nThe name of the cookie to search for the token on. Defaults to `token`.\n\n##### `authenticated`\n\nA boolean representing whether or not the user is authenticated. Defaults to `false`.\n\n##### `token`\n\nThe value of the token. Defaults to `undefined`.\n\n### API\n\n##### `determineAuth()`\n\nSearches for a cookie with the same name as `auth.get('cookieName')`. If it exists,\nthen its value is assumed to be the token, and the user is set to be authorized.\n\nThis is called when `auth` is first created. You may also wish to call it later if\nyour application allows for logging in on the client.\n\nIf the cookie is found, the `authenticated` event is triggered.\n\n##### `logout()`\n\nIf the user is logged in, then the cookie will be destroyed. The value of `authenticated` is\nset to false, and the value of `token` is set to `undefined`. Lastly, the `logout` event is\ntriggered.\n\n### Events\n\n##### `authenticate`\n\nThe user has logged in. Called when `auth` is first loaded. The value of the `token` is passed\nas the first argument.\n\n##### `logout`\n\nThe user has been logged out.\n\n### FAQ\n\n#### How do I log the user in from the client?\n\nThis library does not handle creation of cookies containing auth tokens, because there are so many\nways to accomplish such a task. You will need to build your own system to generate the token. Once\nyou've done that, and you can generate a token for authenticated users, then you must set it as the\ncookie. Once that is done, call `auth.determineAuth()` to notify the `auth` model that the user is\nlogged in.\n\n#### Is this library secure?\n\nIt might seem strange that this library considers a user authenticated if there is **any** value stored\nin the cookie. As surprising as it may seem, this is not a security concern. The fact is that there is\nsimply no way for the client to be certain that the user really is authenticated. At most, you can make\nan educated guess. Even a token that once authenticated the user could be remotely revoked at any time.\n\nIn this light, assuming that the user is unlikely to tamper with cookies is a reasonable assumption\nto make.\n\nThese assumptions are always checked against the API whenever sensitive data is requested. Consequently,\neven a user who does mess with the cookies, or otherwise has an invalid token, will be unable to access\nany sensitive data. At most, they will see an empty UI interface.\n\n### Contributing\n\n#### Unit tests\n\n**In Node**\n\nRun `gulp` to execute the test suite in Node.\n\n**In the browser**\n\nRun `gulp test:browser` to start a server. Then, navigate to `http://localhost:7777/test/runner.html` to run\nthe suite.\n\n### Building the library\n\n`gulp build`\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjamesplease%2Fbackbone.simple-auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjamesplease%2Fbackbone.simple-auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjamesplease%2Fbackbone.simple-auth/lists"}