I'm trying to secure my Node.JS app with Keycloak, but my app doesn't use express. I have searched extensively, but to me, it seems like this is impossible, at least with the libraries provided officially by Keycloak. (“keycloak without express” just turns up no results at all)
I'm somewhat new to the keycloack ecosystem though, and would be delighted if anyone could offer some solution to my problem!
Keycloak offers Node.js adapter. Yes, examples in the doc are for express.js, but nothing stopping you to use it in any Node.js app (of course it depends how that Node.js app is implemented).
Anyway, Keycloak is not based on any legacy protocol, but on the OIDC standard, so you can use any OIDC library. It really doesn't need to have 'keycloak' in the name. You can start from OIDC certified libraries.
Related
I'm looking for advice on the best way to integrate Django / Django Rest Framework with OpenId connect (we're using Keycloak but I think using the protocol is probably more flexible).
There seems to be several option out there, but it would be good to have something that works as seamlessly as possible with Django and DRF – so session and API authentication working like the baked in Django version, and ideally access to external logon screens if using admin/DRF API endpoint. What is straightforward to set up and well supported?
What I will ultimately be doing is trying to change an existing Django/React application, but for the purposes of this discussion let's assume it's a basic application something like the ones set up in the Django tutorial and Django Rest framework quickstart (https://docs.djangoproject.com/en/3.1/intro/tutorial01/ to tutorial01 and https://www.django-rest-framework.org/tutorial/quickstart/).
I hope that's enough as I fairly new to this – I can create some sort of simple application in Github if this isn't a clear enough basis for a discussion.
Any help would be much appreciated. Even better if you have an example (!).
I am in process of developing a POC as a part of technology overhaul.
For this i have developed a couple of Service endpoints using HAPI. I want to secure these web-services using Oauth 2.0 mechanism.
2 options that i have:
- Using the oauth2.0 support of npm which comes for express.
- Manually create the keys, share and then encrypt/decrypt.(node-rsa)
Being a novice to Nodejs i am unable to find a solid path for accomplishing this, and am a little skeptical.
Any help or examples would be really appriciated.
-V
Since you are working with Hapi I'd suggest leveraging the Bell plugin.
Support baked in for common third-party providers, but you can easily create a custom provider (detailed in the API docs).
My company is wanting to migrate their entire site to Shopify. We use node for our backend, so we're hoping to integrate that into the site. I am new though, and not experienced with node or Shopify app development, so I was hoping to find a tutorial or guide, but it seems that almost all resources are specifically for ruby. Is there anything out there I'm just not seeing?
Bonus question:
Is express routing possible on Shopify?
The node-shopify-api library has some decent examples as well as being a very useful core of a Node based Shopify app.
Routing is possible only for apps attached at a proxy url.
The requirements of most web applications regarding the management of users are fairly common:
A user registers himself
Receives an email for confirmation
Requests a forgotten password
An admin person assigns a role to the user, etc.
Is there a node.js/express.js project that has already implemented the flow and is customizable?
Passport.js allows the application to only authenticate but not perform the functions listed above. I have seen Drywall. It uses MongoDB.
I am looking for a module that lets me customize the user storage mechanism as well, so that I can use my own MySQL DB to store users.
ASP .NET provides such features in the membership module and also lets developers customize it completely. Do we have something for Node.js?
I use sails framework and there are some packages that integrates with sails. For authentication i found this package: https://github.com/kasperisager/sails-generate-auth, maybe it help you.
To build on Victor's answer, there is a comprehensive user/role management system for express called sails-permissions that is based on sails.js.
I think you will have to use Drywall and customize it to use mySQL. It's uncommon to use mySQL for node.js as you know already.
Maybe this article will help you with the mySQL integration:
http://teknosains.com/i/simple-crud-nodejs-mysql
I am interested in develop a rt module for my website with socketstream + node.js. I am only interested in do the server side in socketstream, not the client side. How can I access the socketstream from a normal php/html app, wich js i have to include ? I am mainly interested in rpc, pub/sub and authentication/session.
I would not recommend doing this, as it is unorthodox.
That said, I do recall that someone wanted to use an early version of SocketStream from within their application, which was built on the .net platform. It turned out that they got it to work by embedding the SocketStream app's web page inside of an iframe.
Check out to this framework:
http://www.socketstream.org/
Comes with a lot of examples and it's easy to use.