Skip to content

Instantly share code, notes, and snippets.

@iagocaldeira

iagocaldeira/WaterlockAuthExplain.md

Created February 26, 2015 00:02
Show Gist options
  • Save iagocaldeira/7e33377d95c73aac8c78 to your computer and use it in GitHub Desktop.
Save iagocaldeira/7e33377d95c73aac8c78 to your computer and use it in GitHub Desktop.
Download ZIP
AutenticacaoWaterlock.md
Raw
WaterlockAuthExplain.md

Autenticação Utilizando Waterlock

######Criado por Iago Caldeira

O Waterlock é uma biblioteca criada para o Sails que implementa autenticação e JSON Web Token

Links

Sails.js - https://github.com/balderdashy/sails

Waterlock - https://github.com/waterlock/waterlock

Waterlock-auth-local - https://github.com/waterlock/waterlock-local-auth

Instalação

npm install waterlock
npm install waterlock-local-auth
./node_modules/.bin/waterlock generate all
sails lift

Sails 0.11 | Node 0.10.26 | Waterlock 0.0.10 | Waterlock-auth-local

Implementação

Policies

Exemplo:

module.exports.policies = {
'*': ['sessionAuth'], // Todos os actions não citados sofrem a necessidade de login
fooController:{
    'fooAction':true, // Método sem necessidade de login
    'fooAction':['sessionAuth'] // Método com necessidade de login 
},
 // **IMPORTANTE** Se não ativo, não é possivel fazer login pela primeira política
 // '*': ['sessionAuth']
Auth:{
    'login':true
}
};

Routes

As rotas devem sempre estar ligadas as actions dos Controllers e não diretamente as views, já que o Sails não implementa polices ligadas as views, a não ser quando existe um middleware para a view que executa uma ação e sofre com as polices

NOTE: policies apply only to controller actions, not to views. If you define a route in your routes.js config file that points directly to a view, no policies will be applied to it. To make sure policies are applied, you can instead define a controller action which displays your view, and point your route to that action.

NOTE: Just because a request matches a route address doesn't necessarily mean it will be passed to that route's target directly. For instance, HTTP requests will usually pass through some middleware first. And if the route points to a controller action, the request will need to pass through any configured policies first. Finally, there are a few special route options which allow a route to be "skipped" for certain kinds of requests.

HTML

Login

Exemplo:

<form class="form-horizontal " action="/auth/login" method="POST">
    <input type="email" class="form-control" name="email" id="email" placeholder="Email">
    <input type="password" class="form-control" name="password" id="password" placeholder="Senha">
    <button type="submit" class="btn btn-primary btn-material-indigo">Entrar</button>
</form>
Logout

Exemplo:

<a href='/auth/logout' id='logout-icon' title='Logout'>

Foi implementada uma rota por questões estéticas para ao invés do acesso ser feito através da url /auth/logout para ela ser acessada em /logout

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment