Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    Brian Gulotta
    @bgulotta
    yeah i'm not using the sails for a front-end either
    Aaron Heesakkers
    @aars
    I have a sneaking suspicion that the passport protocol extensions in api/services/protocols/ don’t do anything/are useless. Since sails-auth requires them from it’s own subdir, there is nobody/nocode that requires the ‘extensions’ that are dropped in your project dir.
    I think it might be better to have a generate script that places a lot of these requirements in your project dir, most obvious example would be the AuthController. This would also encourage people to modify it to their own needs in a better way.. since now you either have to override some pretty specific flow (the redirects, the use of req.flash) in your subclass, or dive into your node_modules breaking easy dependencies.
    Aaron Heesakkers
    @aars
    Here are my current changes, by far useable for anybody else, got my own BearerToken model stuck in there (protocols/local.js). Will find a way to clean this up soon. https://github.com/aars/sails-auth/commits/master
    AuthController is probably a better place for creating that BearerToken.
    Or maybe some magic within passportjs? Somehow generate a token, store it in a common/good place and add it to the found user, but that last part is again custom code.
    Aaron Heesakkers
    @aars
    Gurrr… passport is trying to authenticate whenever I post a to-be-created user to my /users endpoints.. Hahaha.. ugh...
    I’m done with code for today. Time to break open this iMac and install some SSD sweetness. Cheers all! Thanks.
    Brian Gulotta
    @bgulotta
    SSD is goooooooooo
    d
    Aaron Heesakkers
    @aars
    Yeah, especially when running two node projects that both watch soo freaking many files :)
    Brian Gulotta
    @bgulotta
    using nodemon?
    Aaron Heesakkers
    @aars
    Yeah, at least one. There might be some grunt watching task as well.
    Poor machines doesn't handle it well.
    Aaron Heesakkers
    @aars
    That was one hell of an exercise! :D But it's in!
    Brian Gulotta
    @bgulotta
    everything nice and snappy now?
    Aaron Heesakkers
    @aars
    Still installing.
    Aaron Heesakkers
    @aars
    Because you really wanted to know: Yeah. Nice and snappy. I had never done any node work on a non-ssd, and I hope no-one ever should :)
    Travis Webb
    @tjwebb
    I've got two ssds in raid 0 in my laptop. I basically have 500gb of ram :)
    Aaron Heesakkers
    @aars
    Nice. No need for a .nodemonignore file then :)
    Aaron Heesakkers
    @aars
    @tjwebb Any thoughts on seperating the backend- (api, auth, models, etc) and frontend-stuff (redirects/tryAgain() method in AuthController mostly) of sails-auth? Also, any thoughts on what I said march 27? :point_up: March 27 2015 1:44 PM
    It seems to me that sails-auth (and sails-permissions in extension) are really the best packages out there. Would be great if they became a go-to package for auth. Are they? (I didn’t find them easily, found generate-auth first for example)
    Travis Webb
    @tjwebb
    @aars sails-(auth|permissions) are now in the official sails.js docs, in the policies section. I aim to get them in more places; currently they are the de facto official packages, since we at balderdash are recommending them to people who ask
    They are relatively new (1.0 release is only a month or so old) so full traction may take a little time
    Aaron Heesakkers
    @aars
    @ghaiklor I invited you to this room to hopefully discuss some improvements on sails-auth. (@tjwebb). I’ve got some “free time” the coming weeks and would love to contribute. What I would like to see/do:
    • decouple frontend-related stuff. (redirects, flash errors, etc)
    • Use generators/templates to prevent the need to edit node_modules (or override large pieces of code)
    • A better/clearer passportjs implementation?
    • jwt (or other token) authentication/generation.
    • do not break sails-permissions when doing this :)
    Eugene Obrezkov
    @ghaiklor
    Hi ) Yeah, no problem. Feel free to ask questions about passport. I'm going to implement more strategies with token, so I cant participate for now )
    And of course I cant forgot my yeoman generator )
    Aaron Heesakkers
    @aars
    Great! I’ll play around with your generator soon and see what I can pick up from it. Looks good.
    Aksimaya
    @Aksimaya
    Hey guys.. what is the difference between sails-auth (by tjwebb) & sails-generate-auth (by kasperisager) ? which one should i install better? i see that sails-generate-auth seems more complete because it has /views/auth/*.ejs for frontend. any idea @tjwebb ?
    Aaron Heesakkers
    @aars
    Those views are very simple and by the looks of it only used for demonstration purposes. But, it is a good question why sails-auth doesn’t have them, since it does redirect to in the AuthController, suggesting there is a frontend dependency.
    You could probably drop in these views as-is.
    Aksimaya
    @Aksimaya
    @aars tx.. will try to drop it. I just a little bit confused which one i should follow for the future version :D
    @aars you will code the jwt ? cool.. cant wait to use it :) so that i can test the permission with postman, no need to build the frontend first. Btw, i just using sails-auth, so sorry if to much comments / questions.
    *build frontend to make a login system as there is sessionAuth policy
    Aaron Heesakkers
    @aars
    No prob. I’ve ran into some questions and issues as well, I’m not using a frontend in sails so I didn’t need the views or the redirects. I haven’t implemented jwt yet, I simply generate and assign a token after authentication that is then used in a Authorization header. I wrote a simple custom passportJs strategy for that.
    Not to make things more complicated for you, but you should also take a look at @ghaiklor’s sails-generate-rest-api. It’s built specifically for REST api’s that do not contain a frontend, and has a very nice and clean AuthController for example. You can probably scroll up here in gitter to see the conversations tjwebb and him had.
    There is a lot if fine-tuning going on.
    You’re probably gonna "get your hands dirty” before having a ful auth setup the way you want it.
    Aksimaya
    @Aksimaya
    yes.. true.. hehe.. before i found the sails-auth, i've coded myself for about three days, Inspired by stormpath which seems has a complete default user module. But i love sails more.. it more beautyfull (for me) :)
    Eugene Obrezkov
    @ghaiklor
    Hi guys. Just want to share news with you. I've done much more passport strategies, which adapted exactly for REST API. All of them already included in edge version of generator-sails-rest-api. You can find them in my repository list. Still in development and some cases could be wrong, but in general test cases is passing and problems can be only if some changes appears in social API :smiley:
    Aksimaya
    @Aksimaya
    @ghaiklor cool.. Will try it..
    Tristan F.
    @Esya
    Anyone here could give me some guidelines on how to use sails-auth to generate a token for my front app instead of relying on cookies once the user has logged-in ?
    I'm not quite sure how to do so, because the user still can login with multiple passport strategies, so I can't "just use passport-http-bearer"
    Tristan F.
    @Esya
    Just created a stackoverflow question which is more detailed.
    Travis Webb
    @tjwebb
    hey esya, I responded to your github issue. we can chat here also if you'd like