Conduit Authorization and Authentication Snippets

Enable OAuth 2.0
1
import 'package:conduit/conduit.dart';
2
import 'package:conduit/managed_auth.dart';
3
​
4
class AppChannel extends ApplicationChannel {
5
  AuthServer authServer;
6
  ManagedContext context;
7
​
8
  @override
9
  Future prepare() async {
10
    final dataModel = new ManagedDataModel.fromCurrentMirrorSystem();
11
    final psc = new PostgreSQLPersistentStore(
12
        "username",
13
        "password",
14
        "localhost",
15
        5432
16
        "my_app");
17
​
18
    context = new ManagedContext(dataModel, psc);
19
​
20
    final delegate = new ManagedAuthDelegate<User>(context);
21
    authServer = new AuthServer(delegate);
22
  }
23
​
24
  @override
25
  Controller get entryPoint {
26
    final router = Router();
27
    router.route("/auth/token").link(() => AuthController(authServer));  
28
    return router;
29
  }
30
}
Copied!
Add OAuth 2.0 Clients to Database
1
conduit auth add-client \
2
  --id com.app.test \
3
  --secret supersecret \
4
  --allowed-scopes 'profile kiosk:location raw_db_access.readonly' \
5
  --connect postgres://username:[email protected]:5432/my_app
Copied!
Require OAuth 2.0 Scope to Access Routes
1
import 'package:conduit/conduit.dart';
2
import 'package:conduit/managed_auth.dart';
3
​
4
class AppChannel extends ApplicationChannel {
5
  AuthServer authServer;
6
  ManagedContext context;
7
​
8
  @override
9
  Future prepare() async {
10
    final dataModel = ManagedDataModel.fromCurrentMirrorSystem();
11
    final psc = PostgreSQLPersistentStore(
12
        "username",
13
        "password",
14
        "localhost",
15
        5432
16
        "my_app");
17
​
18
    context = new ManagedContext(dataModel, psc);
19
​
20
    final delegate = ManagedAuthDelegate<User>(context);
21
    authServer = AuthServer(delegate);
22
  }
23
​
24
  @override
25
  Controller get entryPoint {
26
    router.route("/auth/token").link(() => AuthController(authServer));
27
​
28
    router
29
      .route("/profile")
30
      .link(() => Authorizer.bearer(authServer, scopes: ["profile.readonly"]))
31
      .link(() => ProfileController(context));
32
  }
33
}
34
​
35
class ProfileController extends ResourceController {
36
  ProfileController(this.context);
37
​
38
  final ManagedContext context;
39
​
40
  @Operation.get()
41
  Future<Response> getProfile() async {
42
    final id = request.authorization.ownerID;
43
    final query = new Query<User>(context)
44
      ..where((u) => u.id).equalTo(id);
45
​
46
    return new Response.ok(await query.fetchOne());
47
  }
48
}
Copied!
Basic Authentication
1
import 'package:conduit/conduit.dart';
2
​
3
class AppChannel extends ApplicationChannel {
4
  @override
5
  Controller get entryPoint {
6
    final router = new Router();
7
    router
8
      .route("/profile")
9
      .link(() => Authorizer.basic(PasswordVerifier()))
10
      .linkFunction((req) async => new Response.ok(null));
11
​
12
    return router;
13
  }
14
}
15
​
16
class PasswordVerifier extends AuthValidator {
17
  @override
18
  FutureOr<Authorization> validate<T>(AuthorizationParser<T> parser, T authorizationData, {List<AuthScope> requiredScope}) {
19
    if (!isPasswordCorrect(authorizationData)) {
20
      return null;
21
    }
22
​
23
    return Authorization(null, authorizationData.username, this);
24
  }
25
}
Copied!
Add OAuth 2.0 Authorization Code Flow
1
import 'package:conduit/conduit.dart';
2
import 'package:conduit/managed_auth.dart';
3
​
4
class AppChannel extends ApplicationChannel {
5
  AuthServer authServer;
6
  ManagedContext context;
7
​
8
  @override
9
  Future prepare() async {
10
    final dataModel = ManagedDataModel.fromCurrentMirrorSystem();
11
    final psc = PostgreSQLPersistentStore(
12
        "username",
13
        "password",
14
        "localhost",
15
        5432
16
        "my_app");
17
​
18
    context = new ManagedContext(dataModel, psc);
19
​
20
    final delegate = new ManagedAuthDelegate<User>(context);
21
    authServer = new AuthServer(delegate);
22
  }  
23
​
24
  @override
25
  Controller get entryPoint {
26
    final router = new Router();
27
​
28
    router.route("/auth/token").link(() => AuthController(authServer));  
29
​
30
    router.route("/auth/code").link(() => AuthCodeController(authServer, delegate: this));
31
​
32
    return router;
33
  }
34
​
35
  Future<String> render(AuthCodeController forController, Uri requestUri, String responseType, String clientID,
36
      String state, String scope) async {
37
    return """
38
<!DOCTYPE html>
39
<html lang="en">
40
​
41
<head>
42
    <meta charset="UTF-8">
43
    <title>Login</title>
44
</head>
45
​
46
<body>
47
<div class="container">
48
    <h1>Login</h1>
49
    <form action="${requestUri.path}" method="POST">
50
        <input type="hidden" name="state" value="$state">
51
        <input type="hidden" name="client_id" value="$clientID">
52
        <input type="hidden" name="response_type" value="$responseType">
53
        <div class="form-group">
54
            <label for="username">User Name</label>
55
            <input type="text" class="form-control" name="username" placeholder="Please enter your user name">
56
        </div>
57
        <div class="form-group">
58
            <label for="password">Password</label>
59
            <input type="password" class="form-control" name="password" placeholder="Please enter your password">
60
        </div>
61
        <button type="submit" class="btn btn-success">Login</button>
62
    </form>
63
</div>
64
</body>
65
​
66
</html>
67
    """;    
68
  }
69
}
Copied!
Conduit ORM Snippets
OpenAPI
Last modified 6mo ago
Copy link
Contents
Enable OAuth 2.0
Add OAuth 2.0 Clients to Database
Require OAuth 2.0 Scope to Access Routes
Basic Authentication
Add OAuth 2.0 Authorization Code Flow