oAuth2
The auth server is a Node server that implements the oAuth2 protocol. It currently allows for validating users through a username/password, an e-mail address or a unique code (mostly used for voting, often sent by letter), and through e-mail. Optionally it allows for login through SMS. Anonymous users are also 'logged in', usually by entering a postcode.
User Roles
There are 5 available user roles per client. The admin panel is its own client.
An admin of the admin panel has access to all data available in the panel.
Role | Description |
---|---|
Admin | Full rights to all user data and site content of the specific site. |
Editor | Full rights to all user data and site content of the specific site. |
Moderator | Full rights to all user data, no access to managing site content. |
Member | Rights to its own data and content |
Anonymous | Minimal user data, for some applications such as liking without logging in. |
Generate certificates with openssl (used for signing JSON Web Tokens)
Put them in a directory called /certs. The code expects certs/privatekey.pem.
Login with token
After generating the token, the console outputs it. If you miss this you can find it in the mysql table unique_codes (there should be just one row). This code will allow you to log in with a unique token. After you will be asked. You can change the login options at the client screen.
Integration with external sites
1. Create a client in the mysql database.
Set the site url and redirectUrl. Give the site a good name; users will see it in the different login screens.
2. Use a NodeJS oAuth2 client to integrate
For instance grant or ...
Authorize url: APP_URL/dialog/authorize
Access url: APP_URL/oauth/token
A rough admin panel was developed but is not being used, since we use the openstad admin panel for this. A rough working version with views & routes can be found in the branch feature/rough-admin-panel.
DEVELOPMENT
If you run a dev environment without SSL, turn off secure cookies in .env.