If none of these configurable authentication providers suit you, you can always write your own authorization provider by applying the following convention, similar to data providers.
Authentication providers must comply with a specific agreement to allow communication with the Olobase Admin. The next object represents the minimum contract that must be implemented:
const authProvider = {
login: ({ username, password }) => Promise,
logout: () => Promise,
checkAuth: () => Promise,
checkError: (error) => Promise,
getFullname: (user) => String,
getEmail: (user) => String,
getAvatar: (user) => String,
getPermissions: (user) => Array,
}All of these methods can be explained as follows:
| Operation | Description |
|---|---|
| login | Sends credentials to your API. If the response status code is outside the 2xx range, a rejected promise should return. If successful, checkAuth is called. |
| logout | Explicitly logout from your API. If successful, checkAuth is called. |
| checkAuth | Checks the current authentication validity by retrieving user information from a specific API endpoint. Called after every client-side route navigation. If successful, refresh the user information in the public authentication store. If it fails, clear the authentication store information and redirect to the login page. |
| checkError | Called after each API error, it allows you to take special actions based on the API error condition. Do automatic logout if rejection promise is returned. The most common use case is to force automatic logout if the API returns a 401 or 403 status code. |
| getName | Return the user's full name from the authenticated user object. Used to show the username in the user title dropdown menu. |
| getEmail | Return the user's email from the authenticated user object. Used to show email in user title dropdown menu. |
| getPermissions | Return the roles/permissions for the authenticated user. Used for Authorization System. |