Skip to content

oddnetworks/example-auth-provider

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
.editorconfig
.editorconfig
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
index.js
index.js
 
 
package.json
package.json
 
 

Repository files navigation

Example Auth Provider

Example implementation of a 3rd party auth provider for Oddworks. This should guide developers build routes on their webside so that Oddworks powered app can authenticate viewers to login and watch content.

Your website should implement the routes described below. While the actual routes do not matter, since they are configurable in Oddworks, the responses and payloads do matter so that Oddworks can interpret them correctly.

Running Example Server

$ npm run dev

This will start the example server on http://localhost:3000 with /login and /verify routes.

There is also a demo running at Heroku at http://example-auth-provider.herokuapp.com for your convenience to try. We recommend using https://www.getpostman.com to issue requests for testing.

POST http://yourdomain.com/login

Oddworks Request

{
  "data": {
    "type": "authentication",
    "attributes": {
      "email": "viewer@yourdomain.com",
      "password": "pass12345"
    }
  }
}

Your Server Response

When Oddworks posts to your login route it should respond with a HTTP 200 with the following payload so that Oddworks can stay in sync.

  • id - this is the record number of your viewer/user on your end
  • email - Oddworks will keep this as the canonical ID in our system so that we can look up users by email quickly when serving content
  • entitlements - indicate the initial entitlements the viewer should have upon login
  • jwt - this is YOUR JWT used later on when Oddworks needs to re-verify users so we can login on their behalf without requiring Oddworks to store their password locally.
{
  "data": {
    "id": "YOUR_VIEWER_RECORD_ID",
    "type": "viewer",
    "attributes": {
      "email": "viewer@yourdomain.com",
      "entitlements": ["premium", "yearly"]
    },
    "meta": {
      "jwt": "YOUR_SIGNED_JWT"
    }
  }
}

POST http://yourdomain.com/verify

Oddworks Request

{
  "data": {
    "type": "authorization",
    "attributes": {
      "jwt": "THE_JWT_YOU_SENT_FROM_ABOVE"
    }
  }
}

Your Server Response

Should return the same response as above since Oddworks is logging in as a user with a JWT instead. The only exception is that the response should contain an updated JWT for the user.

{
  "data": {
    "id": "YOUR_VIEWER_RECORD_ID",
    "type": "viewer",
    "attributes": {
      "email": "viewer@yourdomain.com",
      "entitlements": ["premium", "yearly"]
    },
    "meta": {
      "jwt": "YOUR_SIGNED_JWT_WITH_UPDATED_EXPIRATION"
    }
  }
}

About

[MIRROR]

gitlab.com/oddnetworks/oddworks/example-auth-provider

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages