From 2bdc05ae15947edc64782dd0eeb987207f605576 Mon Sep 17 00:00:00 2001 From: Paul Nelson Date: Sat, 20 Jan 2018 13:35:54 -0600 Subject: [PATCH 1/4] Add example and documentation around triggering login modal #234 --- docs/securing-unleash.md | 10 ++++++++++ examples/basic-auth-hook.js | 5 ++++- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/docs/securing-unleash.md b/docs/securing-unleash.md index 67a4214313..43a1dc3652 100644 --- a/docs/securing-unleash.md +++ b/docs/securing-unleash.md @@ -22,6 +22,16 @@ unleash.start({ }); ``` +Additionally, you can trigger the admin interfact to prompt the user to sign in by configuring your middleware to return a `401` status on +protected routes. The response body must contain a `message` and a `path` used to redirect the user to the proper login route. + +```json +{ + "message": "You must be logged in to use Unlseash", + "path": "/custom/login" +} +``` + Examples on custom authentication hooks: - [google-auth-hook.js](https://github.com/Unleash/unleash/blob/master/examples/google-auth-hook.js) - [basic-auth-hook.js](https://github.com/Unleash/unleash/blob/master/examples/basic-auth-hook.js) diff --git a/examples/basic-auth-hook.js b/examples/basic-auth-hook.js index 7d09b27278..ea0c88a765 100644 --- a/examples/basic-auth-hook.js +++ b/examples/basic-auth-hook.js @@ -16,7 +16,10 @@ function basicAuthentication(app) { return res .status('401') .set({ 'WWW-Authenticate': 'Basic realm="example"' }) - .end('access denied'); + .send({ + message: 'You must be authenticated to use Unleash', + path: '/custom/login', + }); } }); From b9c432d61758436c476871995e01d2267f44a08b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ivar=20Conradi=20=C3=98sthus?= Date: Tue, 23 Jan 2018 08:55:10 +0100 Subject: [PATCH 2/4] Fix typo --- docs/securing-unleash.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/securing-unleash.md b/docs/securing-unleash.md index 43a1dc3652..d7d2b6c735 100644 --- a/docs/securing-unleash.md +++ b/docs/securing-unleash.md @@ -27,7 +27,7 @@ protected routes. The response body must contain a `message` and a `path` used t ```json { - "message": "You must be logged in to use Unlseash", + "message": "You must be logged in to use Unleash", "path": "/custom/login" } ``` From 20e690bea2924543918008ee28cbee117c852130 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ivar=20Conradi=20=C3=98sthus?= Date: Tue, 23 Jan 2018 08:56:04 +0100 Subject: [PATCH 3/4] Update basic-auth-hook.js --- examples/basic-auth-hook.js | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/examples/basic-auth-hook.js b/examples/basic-auth-hook.js index ea0c88a765..70ec49a3fe 100644 --- a/examples/basic-auth-hook.js +++ b/examples/basic-auth-hook.js @@ -16,10 +16,7 @@ function basicAuthentication(app) { return res .status('401') .set({ 'WWW-Authenticate': 'Basic realm="example"' }) - .send({ - message: 'You must be authenticated to use Unleash', - path: '/custom/login', - }); + .send('access denied'); } }); From 25ec01fe6f9c919291fed6e4e33240217b87313e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ivar=20Conradi=20=C3=98sthus?= Date: Tue, 23 Jan 2018 08:56:22 +0100 Subject: [PATCH 4/4] Update basic-auth-hook.js --- examples/basic-auth-hook.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/basic-auth-hook.js b/examples/basic-auth-hook.js index 70ec49a3fe..7d09b27278 100644 --- a/examples/basic-auth-hook.js +++ b/examples/basic-auth-hook.js @@ -16,7 +16,7 @@ function basicAuthentication(app) { return res .status('401') .set({ 'WWW-Authenticate': 'Basic realm="example"' }) - .send('access denied'); + .end('access denied'); } });