Authentication / Authorization
The Beapi Springboot Starter has several built-in tools to help you log in, log out and secure your users' access. Below is an explanation of those tools and how to use them.
Authentication/Authorization
User management, including authentication/authorization, is BUILT-IN. You can log in and get a token using the following methods.
Authentication
Assuming you already have a registered account, you can authenticate using the following command:

    curl -v -c ./cookies.txt -H "Content-Type: application/json" -X POST -d '{"username":"YOUR_USERNAME","password":"YOUR_PASSWORD"}' http://YOURSITE:8080/authenticate
An example of authenticating via Javascript/Jquery is below:
    // window.url is assumed to hold the API base URL (set elsewhere on the page)
    $('#login').submit(function (event) {
        event.preventDefault();
        var jsonData = {
            "username": $('#username').val(),
            "password": $('#password').val()
        };
        $.ajax({
            type: 'POST',
            url: window.url + "/authenticate",
            cache: false,
            async: true,
            contentType: 'application/json',
            data: JSON.stringify(jsonData),
            //dataType:'json',
            // Access-Control-Allow-Origin is a response header set by the server;
            // sending it from the client does not affect CORS.
            headers: { 'Access-Control-Allow-Origin': 'http://test.nosegrind.net:8080' },
            xhrFields: { withCredentials: true },
            crossDomain: true,
            error: function (xhr, textStatus, thrownError) {
                console.log('error: ' + thrownError);
            },
            success: function (data, textStatus, xhr) {
                console.log('success');
            },
            complete: function (xhr, textStatus) {
                console.log('complete');
            }
        }).done(function (data, textStatus, jqXHR) {
            console.log('done : ' + textStatus);
            if (textStatus == 'success') {
                // the response body is the token; keep it for follow-up requests
                var tmp = jqXHR.responseText;
                localStorage.setItem('token', tmp);
                // reload header
                var header = null;
                var test = localStorage.getItem('token');
                if (test != null) {
                    header = "common/admin_header.html";
                } else {
                    header = "common/nologin_header.html";
                }
                $("#orp_header").load(header);
                location.reload();
            }
        }).fail(function (jqXHR, textStatus, errorThrown) {
            alert(textStatus);
            var msg = '';
            // textStatus is jQuery's status string: 'parsererror', 'timeout', 'abort', ...
            if (jqXHR.status === 0) {
                msg = 'Not connected. Verify Network. ' + window.url + '. Error: ' + errorThrown;
            } else if (jqXHR.status == 404) {
                msg = 'Requested page not found. [404]\n' + jqXHR.responseText;
            } else if (jqXHR.status == 500) {
                msg = 'Internal Server Error [500].\n' + jqXHR.responseText;
            } else if (textStatus === 'parsererror') {
                msg = 'Bad Credentials. Please Try Again';
            } else if (textStatus === 'timeout') {
                msg = 'Time out error.';
            } else if (textStatus === 'abort') {
                msg = 'Ajax request aborted.';
            } else {
                msg = 'Uncaught Error.\n' + jqXHR.responseText;
            }
            alert(msg);
        });
    });
Authorization
Once you get back a token, you can use it in follow-up requests like so:

    curl -v -b ./cookies.txt -H "Content-Type: application/json" -H "Authorization: Bearer YOUR_TOKEN" --request GET "http://YOURSITE:8080/v1.0/user/show?id%3Dtest"
NOTE: You must have an account before you can authenticate. Admin/test accounts are auto-bootstrapped from the beapi_api.yml file and can be used for testing.
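The two curl calls above (authenticate, then send the token as a Bearer header) as a small reusable client. This is an added example, not code from the Beapi starter; it assumes, as the jQuery snippet's use of responseText suggests, that the /authenticate response body is the bare token, and the transport parameter is a hypothetical hook so the flow can be exercised without a live server.

```python
import json
import urllib.error
import urllib.request
from http.cookiejar import CookieJar


class AuthError(Exception):
    """Raised when authentication fails or no token is held."""


def _urllib_send(opener, method, url, headers, body):
    """Send one request; return (status, text) even for HTTP error responses."""
    req = urllib.request.Request(url, data=body, headers=headers, method=method)
    try:
        with opener.open(req, timeout=10) as resp:
            return resp.status, resp.read().decode()
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode()


class BeapiClient:
    """Log in via POST /authenticate, then call the API with a Bearer token."""

    def __init__(self, base_url, transport=None):
        self.base_url = base_url.rstrip("/")
        self.token = None
        if transport is None:
            # The cookie jar plays the role of curl's -c/-b ./cookies.txt.
            opener = urllib.request.build_opener(
                urllib.request.HTTPCookieProcessor(CookieJar()))
            transport = lambda m, u, h, b: _urllib_send(opener, m, u, h, b)
        # hypothetical hook: (method, url, headers, body) -> (status, text)
        self._send = transport

    def authenticate(self, username, password):
        body = json.dumps({"username": username, "password": password}).encode()
        status, text = self._send("POST", self.base_url + "/authenticate",
                                  {"Content-Type": "application/json"}, body)
        token = text.strip()  # assumption: the body is the bare token
        if status != 200 or not token:
            raise AuthError("authenticate failed: HTTP %d" % status)
        self.token = token
        return token

    def auth_headers(self):
        if self.token is None:
            raise AuthError("not authenticated: call authenticate() first")
        return {"Content-Type": "application/json",
                "Authorization": "Bearer " + self.token}

    def get(self, path):
        status, text = self._send("GET", self.base_url + path, self.auth_headers(), None)
        if status in (401, 403):
            raise AuthError("request rejected: HTTP %d" % status)
        return status, text
```

Against a real instance, `BeapiClient("http://YOURSITE:8080").authenticate(user, pw)` followed by `.get("/v1.0/user/show?id=test")` reproduces the two curl calls.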
Mail Server Setup
Two-factor auth is used for the 'registration' and 'forgot password' functionality. For this, you need to create accounts at Twilio and SendGrid:
- [SendGrid] Create or log in to your SendGrid account
- [SendGrid] Create a SendGrid API Key
- [SendGrid] Set up domain authentication
- [SendGrid] Create an email template
- [Verify] Create a Verify service
- [BEAPI] Change mail server config (see below)
The following variables in the beapi_api.yml file need to be changed to match your mail server setup. With SendGrid's SMTP relay the username is literally 'apikey' and the password is your SendGrid API key:
...
mail:
  host: 'smtp.sendgrid.net'
  port: 587
  username: 'apikey'
  password: "password"
  fromAddress: 'donotrespond@yoursite.com'
  senderName: 'beapi.io'
  smtpAuth: true
  smtpStarttlsEnable: true
  testemail: 'youremail@gmail.com'