# r-oauth2
## OAuth2 in RethinkDB and 150 lines of code. For RethinkDBDash and Express.
### By Chris Cates :star:
- :mailbox: chris@pilotinteractive.ca
- :computer: http://pilotinteractive.ca

Intended for use with Express. R-OAuth2 is a non-prescriptive way to store sessions using the OAuth2 protocol.
It automatically generates your OAuth2 database and tables.

### Features
- HMAC SHA3 Cryptography.
- BCrypt
- Non-prescriptive method.
- Simple functions to restrict and authenticate endpoints.
- 5 minute configuration and setup.

### Installation
`npm install r-oauth2 --save`

### Configuration and Example
The example below should walk you through how to create your own OAuth2 server.

#### If using bcrypt
- When you call the `generateClient()` endpoint, you have to supply a `clientId`, a `clientSecret` and a `grantType`.
- When you call the `generateToken()` endpoint, you have to supply the original, unencrypted (plaintext) `clientSecret`.

```javascript
var r = require('rethinkdbdash')();
//Create database
require('rethink-config')({
  "r": r,
  "database": "oauth",
  "tables": ["users", "token"]
})
//Dependencies
var express = require('express');
var bodyParser = require('body-parser');
var oauth2 = require('../index');
// in real world you would do `var oauth2 = require('r-oauth2')`

//Initialize oauth2 module
oauth2.init({
  'r': r
});
/*
Alternatively you can supply a configuration object.
var config = {
  r: RethinkDBDash initialized object
  db: Desired database,
  oauthTable: Where OAuth clients are stored,
  tokenTable: Where Tokens are stored,
  expiry: Set how long until a token expires,
  bcrypt: Set bcrypt to be enabled true or false.
}
oauth2.init(config);
*/

var app = express();
//Enable JSON to be parsed and passed in request.
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({
    extended: true
}));

//Enable CORS - Note you need to add `Authorization` in the headers.
//`*` lets any origin call the API; list your own front-end origin(s) here when deploying.
app.use(function(req, res, next) {
  res.header("Access-Control-Allow-Origin", "*");
  res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, authorization");
  res.header('Access-Control-Allow-Methods', 'POST, PATCH, GET, PUT, DELETE, OPTIONS');
  next();
});
/*
Generate a Client ID and Client Secret
All that's required in the body is `grantType`.
*/
app.post('/client', oauth2.generateClient());
/*
Generate an access token and refresh token
All that's required is the client object supplied by `/client`
*/
app.post('/oauth', oauth2.generateToken());
/*
Generate a new token exchanging the old one
All that's required is the `refreshToken` parameter
*/
app.post('/refresh', oauth2.refreshToken());
/*
To access a restricted area you must put in your header `Authorization: Bearer [Access Token]`
*/
app.get('/restricted', oauth2.authenticate(), function(req,res,next) {
  res.send('Restricted area accessed.');
})

app.get('/', function(req,res,next) {
  res.send('Open area.');
})

app.listen(9001);
console.log("Demo server running on port 9001")
```
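
The bcrypt note above says the token endpoint needs the original secret. This added example (not r-oauth2's own code) shows why: only a salted one-way hash is stored, so the stored value itself is not a usable credential. Node's built-in `scrypt` stands in for bcrypt here, and `registerClient`, `verifyClient`, `clients` and the sample values are hypothetical names and constructed data.

```javascript
// Added illustration, not r-oauth2's implementation.
// scrypt (Node built-in) is used in place of bcrypt; all names are hypothetical.
const crypto = require('crypto');

const clients = new Map(); // clientId -> { salt, hash, grantType }

// Record used for unknown clientIds so every request costs one hash + one compare.
const DUMMY = { salt: crypto.randomBytes(16), hash: crypto.randomBytes(32) };

function hashSecret(secret, salt) {
  // Salted, deliberately slow one-way function; the output cannot be reversed.
  return crypto.scryptSync(secret, salt, 32);
}

function registerClient(clientId, clientSecret, grantType) {
  const salt = crypto.randomBytes(16); // fresh salt per client
  const hash = hashSecret(clientSecret, salt);
  clients.set(clientId, { salt, hash, grantType });
  // What a database row would hold: the hash, never the plaintext secret.
  return { clientId, grantType, storedHash: hash.toString('hex') };
}

function verifyClient(clientId, presentedSecret) {
  const record = clients.get(clientId) || DUMMY;
  const candidate = hashSecret(String(presentedSecret), record.salt);
  // Constant-time comparison of two equal-length buffers.
  const match = crypto.timingSafeEqual(candidate, record.hash);
  return match && clients.has(clientId);
}

// Constructed sample values.
const row = registerClient('demo-client', 's3cret-from-signup', 'client_credentials');
console.log('original secret accepted:', verifyClient('demo-client', 's3cret-from-signup'));
console.log('stored hash accepted:    ', verifyClient('demo-client', row.storedHash));
console.log('unknown client accepted: ', verifyClient('nobody', 's3cret-from-signup'));
```

A copy of the stored hash, for example from a leaked table, does not authenticate; only the secret the client was issued does.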

### Demo
- The demo can be found in `/demo` in this GitHub repo.
- You can run :coffee: the mocha test by following these steps:

1. `npm install` in the `/demo` directory.
2. `sudo npm install mocha -g` in the `demo` directory.
3. `npm start` in the `demo` directory.
4. In a new tab: `npm test` in the `demo` directory.

Note that you can alternatively run the server then use the postman collection to test the demo.

#### By Chris Cates
-- Thanks for checking out this npm module. Any questions, email me at :mailbox: chris@pilotinteractive.ca
