How to build an OAuth2 server with Node.JS, Mongoose and Jade

2025-01-18 Update From: SLTechnology News&Howtos shulou

Shulou(Shulou.com)06/02 Report--

Today I will talk about how to build an OAuth2 server with Node.JS, Mongoose and Jade. Many people may not know much about it, so the editor has summarized the following for you. I hope you get something out of this article.

Today we are going to look at a practical application of Node.JS: an OAuth2 server built by the overseas developers of the Papers application. The main technologies used include:

- The Express framework for Node.JS

- Mongoose, a popular MongoDB library that makes modeling easy

- bcrypt for password hashing

- superagent for testing

Papers is a mobile application for managing a database of papers, available in iOS and Android versions. Students who write papers will need it. For an introduction, see the developer's official blog: http://blog.papersapp.com/oauth-server-in-node-js/

Although Papers is not open source, the author has published the node-oauth2-server module they wrote, together with the Papers authentication flow, on GitHub, where we can download and study it:

https://github.com/mekentosj/oauth3-example

In the Models directory of the code, we can clearly see the Schema definitions of the models. From these we can see the main data structures an OAuth2 server has to handle, including access_token, refresh_token and oauth_client.

```javascript
var mongoose = require('mongoose');
var Schema = mongoose.Schema;

// Issued access tokens: one document per token, unique on the token value
var OAuthAccessTokensSchema = new Schema({
  accessToken: { type: String, required: true, unique: true },
  clientId: String,
  userId: { type: String, required: true },
  expires: Date
});

// Refresh tokens, same shape as access tokens
var OAuthRefreshTokensSchema = new Schema({
  refreshToken: { type: String, required: true, unique: true },
  clientId: String,
  userId: { type: String, required: true },
  expires: Date
});

// Registered OAuth clients
var OAuthClientsSchema = new Schema({
  clientId: String,
  clientSecret: String,
  redirectUri: String
});

// Users; only the bcrypt hash of the password is stored
var OAuthUsersSchema = new Schema({
  email: { type: String, unique: true, required: true },
  hashed_password: { type: String, required: true },
  password_reset_token: { type: String, unique: true },
  reset_token_expires: Date,
  firstname: String,
  lastname: String
});
```
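To show how the fields of the access-token schema are used at run time, here is an added example (not code from the repository) of issuing and checking a token with Node's built-in crypto module. The in-memory `TokenStore`, the `bearerFrom` helper, the one-hour lifetime and the choice to store only a digest of the token are assumptions of this sketch, not something the article's schema does.

```javascript
const crypto = require('crypto');

const TOKEN_TTL_MS = 3600 * 1000; // assumption: matches "expires_in": 3600 in the article's response

// Only a SHA-256 digest of each token is stored, so a leaked collection
// does not hand out usable bearer tokens.
function digest(token) {
  return crypto.createHash('sha256').update(token).digest('hex');
}

class TokenStore {
  constructor() {
    this.rows = new Map(); // key: token digest (plays the role of the unique index)
  }

  // Create a row with the schema's clientId, userId and expires fields.
  issue(clientId, userId, now = Date.now()) {
    const accessToken = crypto.randomBytes(20).toString('hex'); // 40 hex chars
    const expires = new Date(now + TOKEN_TTL_MS);
    this.rows.set(digest(accessToken), { clientId, userId, expires });
    return { token_type: 'bearer', access_token: accessToken, expires_in: TOKEN_TTL_MS / 1000 };
  }

  // Return the row for a known, unexpired token; otherwise null.
  lookup(accessToken, now = Date.now()) {
    if (typeof accessToken !== 'string') return null;
    const key = digest(accessToken);
    const row = this.rows.get(key);
    if (!row) return null;
    if (row.expires.getTime() <= now) {
      this.rows.delete(key); // purge expired rows when they are seen
      return null;
    }
    return row;
  }
}

// "Authorization: Bearer <token>" -> token, or null when malformed
// (for example when the space after "Bearer" is missing).
function bearerFrom(header) {
  const m = /^Bearer ([A-Za-z0-9._~+\/-]+=*)$/.exec(header || '');
  return m ? m[1] : null;
}

function demo() {
  const store = new TokenStore(); // constructed client and user ids below
  const grant = store.issue('papers3', 'constructed-user-id');
  return store.lookup(bearerFrom('Bearer ' + grant.access_token)).userId;
}
console.log(demo());
```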

By running seed.js from the code, we create a user and an OAuth client.

```javascript
var app = require('./app');
var models = require('./models');

// Create the test user (password stored as a bcrypt hash), then the OAuth client
models.User.create({
  email: 'alex@example.com',
  hashed_password: '$2a$10$aZB36UooZpL.fAgbQVN/j.pfZVVvkHxEnj7vfkVSqwBOBZbB/IAAK'
}, function () {
  models.OAuthClientsModel.create({
    clientId: 'papers3',
    clientSecret: '123',
    redirectUri: '/oauth/redirect'
  }, function () {
    process.exit();
  });
});
```

Now we can try out the Node.JS OAuth2 server. First start MongoDB, which serves as the backend database, for example with "mongod --dbpath ./", and then run "npm start".

```
oliverluan@localhost:~/Documents/EvWork/node_oauth3_example/oauth3-example$ npm start

> oauth3-experiment@0.0.1 start /Users/oliverluan/Documents/EvWork/node_oauth3_example/oauth3-example
> ./node_modules/.bin/nodemon server.js

14 Apr 07:02:43 - [nodemon] v1.0.17
14 Apr 07:02:43 - [nodemon] to restart at any time, enter `rs`
14 Apr 07:02:43 - [nodemon] watching: *.*
14 Apr 07:02:43 - [nodemon] starting `node server.js`
connect.multipart() will be removed in connect 3.0
visit https://github.com/senchalabs/connect/wiki/Connect-3.0 for alternatives
connect.limit() will be removed in connect 3.0
Express server listening on port: 3000
POST /oauth/token 200 102ms - 175b
GET /secret 200 2ms - 11b
```

Simulate an OAuth2 access token request by running this file (node getToken.js):

```javascript
var request = require('request');

// client_id
var t_client_id = 'papers3';
// client_secret
var t_client_secret = '123';
// clientCredentials is client_id:client_secret; placed in the URL below, the
// request library sends it as an HTTP Basic Authorization header (Base64-encoded)
var clientCredentials = t_client_id + ':' + t_client_secret;
// username
var t_username = 'alex@example.com';
// password
var t_password = 'test';

console.log(clientCredentials);

// Send a POST request to get the token
request.post({
  url: 'http://' + clientCredentials + '@localhost:3000/oauth/token',
  form: {
    grant_type: 'password',
    username: t_username,
    password: t_password,
    client_id: t_client_id,
    client_secret: t_client_secret
  }
}, function (err, res, body) {
  if (err) throw err;
  console.log(body);
  // Get the token
  var accessToken = JSON.parse(body).access_token;
  // Use it as a bearer token on the protected resource
  request.get({
    url: 'http://localhost:3000/secret',
    headers: { Authorization: 'Bearer ' + accessToken }
  }, function (err, res, body) {
    console.log(body);
  });
});
```

Successfully obtained access token.

```
oliverluan@localhost:~/Documents/EvWork/node_oauth3_example/oauth3-example$ node getToken.js
papers3:123
{"token_type":"bearer","access_token":"620bb362f32857d5174802e06065305874953597","expires_in":3600,"refresh_token":"569be5f4cc1ea943021b3676eaa2a51825c2c257"}
Secret area
```
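The token request above reaches the server as a POST with client credentials in an HTTP Basic header. The following added example (not code from node-oauth2-server or the repository) shows one way the server side can check that request before it verifies the user's password. The `CLIENTS` registry, its `grants` list and all function names are assumptions made for this sketch.

```javascript
const crypto = require('crypto');

// Constructed registry mirroring the client row that seed.js creates;
// the `grants` list is an assumption added for this example.
const CLIENTS = { papers3: { clientSecret: '123', grants: ['password', 'refresh_token'] } };

// "Basic base64(client_id:client_secret)" -> credentials, or null when malformed.
function parseBasic(header) {
  const m = /^Basic ([A-Za-z0-9+\/]+=*)$/.exec(header || '');
  if (!m) return null;
  const decoded = Buffer.from(m[1], 'base64').toString('utf8');
  const i = decoded.indexOf(':'); // split on the first ':' only; the secret may contain ':'
  if (i < 1) return null;
  return { clientId: decoded.slice(0, i), clientSecret: decoded.slice(i + 1) };
}

// Constant-time comparison; hashing first gives timingSafeEqual equal-length inputs.
function safeEqual(a, b) {
  const ha = crypto.createHash('sha256').update(a).digest();
  const hb = crypto.createHash('sha256').update(b).digest();
  return crypto.timingSafeEqual(ha, hb);
}

// Decide whether a POST /oauth/token request may proceed to the user password check.
function authenticateTokenRequest(headers, form) {
  const creds = parseBasic(headers.authorization);
  if (!creds) return { status: 401, error: 'invalid_client' };
  const known = Object.prototype.hasOwnProperty.call(CLIENTS, creds.clientId);
  const client = known ? CLIENTS[creds.clientId] : null;
  const secretOk = safeEqual(creds.clientSecret, client ? client.clientSecret : '');
  if (!client || !secretOk) return { status: 401, error: 'invalid_client' };
  if (!client.grants.includes(form.grant_type)) return { status: 400, error: 'unauthorized_client' };
  if (form.grant_type === 'password' && !(form.username && form.password)) {
    return { status: 400, error: 'invalid_request' };
  }
  return { status: 200, clientId: creds.clientId };
}

// Constructed request: the header `request` derives from http://papers3:123@localhost:3000/...
function basicHeader(id, secret) {
  return 'Basic ' + Buffer.from(id + ':' + secret).toString('base64');
}
console.log(authenticateTokenRequest(
  { authorization: basicHeader('papers3', '123') },
  { grant_type: 'password', username: 'alex@example.com', password: 'test' }
));
```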
