feathers icon indicating copy to clipboard operation
feathers copied to clipboard

Published 20 hours ago verified publisher icon feathersjs

authentication: use iaas providers and custom auth service

Open florianbepunkt opened this issue 6 years ago • 6 comments

This is neither a bug nor a feature request. I read that the authentication system is refactored for the next release and wonder whether this will address my use case:

I use Amazon Cognito for authentication and authorization. I authenticate my client directly with my AWS Cognito user pool, which gives me an access token on the client, that I would like to use to access backend resources, amongst them some feathers services. Currently I use custom hooks to validate the access token, but I would prefer to use some convenience methods of the feathers auth mechanism and its surrounding plugins.

As far as I know currently this is not possible since feathers auth system has the underlying design choice that you have a service that issues JWT tokens. But in my case I already got the tokens – I just need to validate them on the backend and allow/deny access to services based on the token.

Furthermore I would like to leverage some of the existing auth mechanisms such as populate requests with user entity that would be fetched from a DB based on some claims in the existing JWT token and some existing feathers auth plugins.

I know that this all is can already be achieved via hooks (currently I have some sort of own auth system that only verifies tokens). But I would like to know if custom auth services, and specifically the process of getting tokens from a third party provider, is something that will be covered by next version?

florianbepunkt avatar Dec 01 '18 23:12 florianbepunkt

+1

rkahle avatar Dec 10 '18 13:12 rkahle

+1

b3tts32 avatar Feb 25 '19 03:02 b3tts32

💯

colinphillips67 avatar Mar 12 '19 16:03 colinphillips67

@florianbepunkt - I'm new to feathers and I'm looking to do what you described above: authenticate with AWS Cognito and use the Cognito provided JWT to authenticate to the feathers server. I have implemented authentication via Cognito and AWS Amplify and I'm using the JWT that I get at the client to authenticate my Apollo GraphQL API. I would like to do the same sort of thing in Feathers. How do you get the JWT from the client to the server, and once there how do you get the JWT so that you can validate it? For reference I started with (and am modifying) the feathers-chat and feathers-chat-react apps. Thanks in advance.

colinphillips67 avatar Mar 12 '19 19:03 colinphillips67

I uploaded an example here: https://github.com/florianbepunkt/feathers-cognito-example

florianbepunkt avatar Mar 12 '19 19:03 florianbepunkt

I'd love to add an example for the newest version to the Cookbook. Looks like there isn't a lot of resources on how to do this with NodeJS/Express in general though.

daffl avatar Aug 27 '19 18:08 daffl