The browserid-cors from toolness

browserid-cors's Introduction

This node module contains Express middleware for creating BrowserID-authenticated, CORS-enabled REST APIs.

The idea is that a static web page on any domain can send a BrowserID assertion to any number of CORS REST endpoints and receive a token back, which can be used for further authenticated access. The endpoints keep track not only of the email address of the user, but also the origin (e.g. http://foo.com) that is mediating interactions between the user and the endpoint.

This software is still in an embryonic state. Use at your own risk.

For an example of this middleware in use, see git-browserid-cors or the trivially simple manual test.

Example Scenario

For illustration, here's an example of a front-end at mysite.org communicating with two unrelated APIs at comments.org and favorites.org to provide backing services for the application:

The page at mysite.org might include the following JavaScript for logging the user in:

navigator.id.get(function(assertion) {
  $.post("https://comments.org/token", {
    assertion: assertion
  }, function(info) {
    /* Use info.accessToken for future interactions w/ the comments API
     * by either setting the 'X-Access-Token' header on requests or passing
     * 'accessToken' as a GET/POST parameter. */
  });

  $.post("https://favorites.org/token", {
    assertion: assertion
  }, function(info) {
    /* Use info.accessToken for future interactions w/ the favorites API. */
  });
}

On the server side, comments.org might consist of something akin to the following:

var express = require('express'),
    BrowserIDCORS = require('browserid-cors'),
    app = express.createServer(),
    bic = BrowserIDCORS();

app.use(express.bodyParser());
app.use(bic.fullCORS); // Shortcut for making our whole site CORS-friendly.
app.post('/token', bic.handleTokenRequest);
app.post('/comment', bic.requireAccessToken, function(req, res) {
  /* Use req.user.email to get the current user's email address, and
   * req.user.origin to get the origin of the site making this request
   * on the user's behalf. */
});

Quick Start

git clone git://github.com/toolness/browserid-cors.git
cd browserid-cors
npm install
npm test

browserid-cors's People

Contributors

Stargazers

Watchers

browserid-cors's Issues

Tests don't work.

/Users/jehan/browserid-cors/test/test-index.js:3
describe('BrowserIDCORS', function() {
^
ReferenceError: describe is not defined
at Object. (/Users/jehan/browserid-cors/test/test-index.js:3:1)
at Module._compile (module.js:456:26)
at Object.Module._extensions..js (module.js:474:10)
at Module.load (module.js:356:32)
at Function.Module._load (module.js:312:12)
at Function.Module.runMain (module.js:497:10)
at startup (node.js:119:16)
at node.js:901:3

Looks like a testing module is not installed or something. I may have a pull request for this soon.

Recommend Projects

toolness / browserid-cors Goto Github PK

browserid-cors's Introduction

Example Scenario

Quick Start

browserid-cors's People

Contributors

Stargazers

Watchers

Forkers

browserid-cors's Issues

Tests don't work.

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent