Sunday, January 4, 2015

HowTo: Implement Ember.js authentication that uses a dedicated RESTful authorisation service built with Sails.js

This blog post steps through the implementation procedures on adding authentication features for an Ember Single-Page-Application (SPA). We makes use of ember-cli-simple-auth/ember-cli-simple-auth-token addons for providing authentication functionality. As a result, we will be able to call Sails.js RESTful authorisation service using JSON Web Token (JWT).

Note! Below implementation was tested on the following versions of software:

  • Ember-cli: 0.1.4
  • Node.js: 0.10.35
  • NPM: 2.1.10
  • Sails: 0.10.5
  • PostgreSQL: 9.3.5


Step A: Setup a Sails.js RESTful authorisation service

In-order to create a new Sails.js project that implements the authorisation service, we run the below commands:
$ sails new jwt_authservice
$ cd jwt_authservice
$ sails lift --verbose
$ npm install sails-postgresql

Now, carry-out the following customisation for the above generated project:

1. Modify PORT address from the default to 1338, in the following file '/config/local.js' as shown below:
...
port: process.env.PORT || 1338,
...

2. Now, enable CORS on all routes in the file ‘/config/cors.js’ as follows (Note: This will enable cross-site calls):
...
allRoutes: true,
...

3. Now, setup a dedicated Postgresql database for persisting user authorisation dataset

  Create a new PostgreSQL database with the following name => 'userauthoriser_db'


4. Now, bind the above created postgreSQL db within your project:

    a. Configure the type of database in use in the file ‘/config/models.js’ as shown below:
...
connection: 'postgresqlServer',
...

...
migrate: 'alter'
//migrate: 'safe'
...

    b. Configure the postgreSQL db credintials in the file ‘/config/connections.js’ as shown below:
...
postgresqlServer: {
  adapter: 'sails-postgresql',
  host: 'localhost',
  user: 'postgres',
  password: 'carpenter',
  database: 'userauthoriser_trademaker'
}
...

5. Now, install 'Waterlock' generator for your Sails.js project. This 'Waterlock' toolchain adds the capability to generate user authentication service via JWT. So, run the below commands:
$ npm install --save-dev waterlock
$ npm install waterlock-local-auth --python=python2.7
$ ./node_modules/.bin/waterlock generate all
  Below files will be generated automatically:
  ------------
  info: generating .../jwt_authservice/api/models/Attempt.js
  info: generating .../jwt_authservice/api/models/Auth.js
  info: generating .../jwt_authservice/api/models/Jwt.js
  info: generating .../jwt_authservice/api/models/Use.js
  info: generating .../jwt_authservice/api/models/User.js
  info: generating .../jwt_authservice/api/models/ResetToken.js
  info: generating .../jwt_authservice/api/controllers/AuthController.js
  info: generating .../jwt_authservice/api/controllers/UserController.js
  info: generating .../jwt_authservice/config/waterlock.js
  info: generating .../jwt_authservice/api/policies/hasJsonWebToken.js
  info: generating .../jwt_authservice/views/email.jade
  ------------

6. Now, once again modify all the PORT addresses that occur from default to 1338 in the following file '/config/waterlock.js'.

7. Now, your are ready to lift the sails server, run the below command:
$ sails console
  Optional step: Peak into the dataset created by this Sails.js app, i.e. look up all users/auths:
  http://localhost:1338/user
  http://localhost:1338/auth


Step B: Implement authentication in your Ember-cli project

Your Ember-cli project needs to communicate to the above created Sails.js RESTful authorisation service using JWT. We can make use of 'ember-cli-simple-auth' &  'ember-cli-simple-auth-token' ember-cli addons for this purposes. So, here are the installation & configuration procedures for the addons:

1. Install Ember-addon => 'ember-cli-simple-auth'
$ npm install --save-dev ember-cli-simple-auth
$ ember generate ember-cli-simple-auth

2. Install Ember-addon => 'ember-cli-simple-auth-token'
$ npm install --save-dev ember-cli-simple-auth-token
$ ember generate simple-auth-token
$ bower install

  Recommed JWT setup for communicating with Sails.js RESTful authorisation service is as follows:

  Modify the file 'config/environment.js' as shown below:
...
// The Authorizer
ENV['simple-auth'] = {
  authorizer: 'simple-auth-authorizer:token',
  crossOriginWhitelist: ['http://localhost:1338']
};

// Sailsjs JSON Web Token (JWT) Configuration
ENV['simple-auth-token'] = {
  serverTokenEndpoint: 'http://localhost:1338/auth/login',
  authorizationPrefix: 'JWT ',
  tokenPropertyName: 'token',
  authorizationHeaderName: 'X-Auth',
  identificationField: 'email'
};
...


Reference:
- Sails.js related:
  • http://waterlock.ninja/
  • Getting Started with Waterlock (Video Tutorial)
  • https://github.com/wieseljonas/SaneAuth
  • http://discuss.emberjs.com/t/simple-admin-login-ember-js-sails-js/5840
- Ember.js related:
  • https://github.com/simplabs/ember-cli-simple-auth
  • https://github.com/jpadilla/ember-cli-simple-auth-token
  • https://github.com/simplabs/ember-simple-auth
  • https://github.com/simplabs/ember-cli-simple-auth-example
Posted by at 2 comments:
Subscribe to: Posts (Atom)