universal-social-auth
    TypeScript icon, indicating that this package has built-in type declarations

    0.2.5 • Public • Published

    Known Vulnerabilities

    universal-social-auth

    SPA universal social auth

    Laravel

    Php

    Vue2

    Vue3

    Nuxt

    React

    Angularjs

    More

    if you wish you can buy me a coffee @ Patreon

    universal-social-auth is easily configurable solution for frontend frameworks Vue2.js, Vue3.js, Nuxtjs, React, Angularjs, Otherjs Framework that support TypeScript & JavaScript & backend frameworks Laravel and Other Php Frameworks with Socialite that provides Social login using Github, Facebook, Google, Vkontakte and other OAuth providers can also work with Nodejs backend App.

    NOTE: 10x faster then vue-social-auth and less file sizes

    looking for old version vue-social-auth

    WARNING: Default request library is axios.

    NOTE: It also work with any Php with Socialite

    NOTE: New features*

    1: Ability to add none exsiting provider

    2: importation only Required provider

    3: No more Buffer fuction were call base on user request or needs

    4: Optional how to handle addition security validation like 2fa Email code if enabled by the user after first login

    5: Support for Native App framework Capacitorjs, Ionic, Cordova, Nativescript & More

    Default Provider: Apple Facebook Google Github Instagram Twitter Bitbucket Linkedin Vkontakte Live Oauth1, Oauth2 & Twitch

    NOTE: PR of New Provider can be submited default location src/providers/index.ts(https://github.com/diadal/universal-social-auth/src/providers/index.ts)

    Supported OAuth providers and configurations

    Installation

    firstly install Socialite

    NOTE: make sure you config your Socialite configuration data in services.php & .env for more details check https://socialiteproviders.netlify.com/

    composer require laravel/socialite
    or 
    composer require socialiteproviders/github
    

    Next install universal-social-auth

    npm install universal-social-auth

    Vue2 Example (https://github.com/diadal/universal-social-auth-test-vu2)

    Usage

    for Native App Frameworks config your APp to support Deep Link I used capacitorjs as an example and use Emitter to pass data to page component

    // Optional for Native App main.[js|ts] or app.[js|ts]
       void App.addListener('appUrlOpen', function(data) {
        const slug = data.url.split('.app').pop();
        if (slug) {
          const calback = '/callback';
          const ccode = slug.split('code=').pop();
          const checker = slug?.toString().includes(calback) && ccode;
          if (checker) {
            const code = getUrlParameter('code', data.url);
            const state = getUrlParameter('state', data.url);
            const idToken = getUrlParameter('id_token', data.url);
            const user = getUrlParameter('user', data.url);
            const postdata = {
              code: code,
              state: state,
              id_token: idToken,
              user: user
            };
            emitter.emit('OauthCall', postdata);
          } else {
            void router.push({
              path: slug
            });
          }
        }
      });
    
    
     
    import axios, { AxiosInstance } from 'axios'
    import UniversalSocialauth from 'universal-social-auth'
    or import {UniversalSocialauth} from 'universal-social-auth'
    
    
    `Vue3` declare module '@vue/runtime-core' {
                interface ComponentCustomProperties {
                    $axios: AxiosInstance;
                    $Oauth:UniversalSocialauth;
    
                }
                }
    const options = {
      providers: {
        apple: {
          nonce: '**************',
          state: '**************',
          clientId: '**************',
          responseMode: 'form_post',
          response_type: 'code  id_token',
          optionalUrlParams: ['response_mode', 'use_popup', 'state'],
          usePopup: true,
          redirectUri: 'https://myapp.com/auth/github/callback'
        },
        github: {
          clientId: '**************',
          redirectUri: 'https://myapp.com/auth/github/callback'
        },
        google: {
          clientId: '***************',
          redirectUri: 'https://myapp.com/auth/google/callback'
        },
        facebook: {
          clientId: '************',
          redirectUri: 'https://myapp.com/auth/facebook/callback'
        },
        twitter: {
          url: 'https://myapp.com/auth/twitter',
          clientId: '********',
          redirectUri: 'https://myapp.com/auth/twitter/callback'
        }
      }
    }
    
    const Oauth:UniversalSocialauth = new UniversalSocialauth(axios, options)
    
    
    `Vue2` Vue.prototype.$axios = axios
    `Vue2` Vue.prototype.$Oauth = Oauth
    
    `Vue3` app.config.globalProperties.$Oauth = Oauth
    `Vue3` app.config.globalProperties.$axios = axios
    
    `Other Framework` based on your global declaration

    Button Method 1 note the null value this equal null if you import all provider

    <button @click="useAuthProvider('github', null)">auth Github</button>
    <button @click="useAuthProvider('facebook', null)">auth Facebook</button>
    <button @click="useAuthProvider('google', null)">auth Google</button>
    <button @click="useAuthProvider('twitter', null)">auth Twitter</button>

    Button Method 2 note the note provider name eg: Github each provider must the imported individually & custom provider can be added eg: <button @click="useAuthProvider('mycustom', Mycustom)">auth Mycustom</button> this give ability to add none existing Provider

    <button @click="useAuthProvider('github', Github)">auth Github</button>
    <button @click="useAuthProvider('facebook', Facebook)">auth Facebook</button>
    <button @click="useAuthProvider('google', Google)">auth Google</button>
    <button @click="useAuthProvider('twitter', Twitter)">auth Twitter</button>
    <button @click="useAuthProvider('mycustom', Mycustom)">auth Mycustom</button>

    View Component

    <script lang="ts">
    import { ProderT } from 'universal-social-auth/dist/providers'
    
    // Button Method 1
    import { Providers} from 'universal-social-auth'
    
    // Button Method 2
    import { Github, Facebook, Google , Twitter} from 'universal-social-auth'
    const MycustomProvider = {
    
        // Mycustom provider datas
    }
    
    interface Rsp {
      code: string;
      provider: string;
      id_token: string;
      state: string;
      user: string | boolean;
    }
    const rps = {
      code: '',
      provider: '',
      id_token: '',
      state: '',
      user: ''
    };
    
    // Below are the functions to use inside you export default be `Vue3 Setup()` or `Vue2 data()` or other `Framework`
    const responseData = ref<Rsp>(rps);
    
     function useAuthProvider (provider:string, proData:Record<string, unknown>| null) {
          const pro = <ProderT>proData
          responseData.value.provider = provider
          const ProData = pro || <ProderT>Providers[provider]
          box.$Oauth.authenticate(provider, ProData).then((response) => {
            const rsp:{code:string} = <{code:string}>response
            if (rsp.code) {
               responseData.value.code = Oauth.code;
              responseData.value.state = Oauth.state;
              responseData.value.id_token = Oauth.id_token;
              responseData.value.user = Oauth.user !== true ? Oauth.user : '';
              useSocialLogin()
            }
          }).catch((err:unknown) => {
            console.log(err)
          })
        }
    
    
    async function useLoginFirst (e: User) {
        // this sample of how to pust user data to my store
          const firstlogin: boolean = await box.$auth.firstlogin(e)
          if (firstlogin) {
            const apm: string = box.$appName
            $q.notify({
              color: 'positive',
              textColor: 'white',
              message: `Welcome To ${apm}`,
              icon: 'mdi-alarm'
            })
            await box.$router.push({ name: 'dashboard' })
            return
          }
        }
    
      function useSocialLogin () {
          // otp from input Otp form 
          // hash user data in your backend with Cache or save to database
          const pdata = { 
            code: responseData.value.code,
            state: responseData.value.state,
            id_token: responseData.value.id_token,
            user: responseData.value.user,
            otp: data.value.tok,
            hash: hash.value
             }
          box.$axios.post('/social-login/' + responseData.value.provider, pdata).then(async (response) => {
              // `response` data base on your backend config 
            if (response.data.status === 444) {
              hash.value = response.data.hash
              fauth.value = true // Option show Otp form incase you using 2fa or any addition security apply to your app you can handle all that from here 
           
            }else if (response.data.status === 445) {
              //do something Optional  
           
            }else {
            
              await useLoginFirst(response.data.u)
            }
          }).catch((err:unknown) => {
            
            console.log(err)
          })
        }
    // Optional for Native App listen to the event `OauthCall` from your page component main.[js|ts] or app.[js|ts]
    
        emitter.on('OauthCall',  (e) => {
          if(e){
    
            responseData.value.code = e
            useSocialLogin()
    
          }
    
    
        })
    
    
    </script>

    NOTE: Dont forget to off emitter beforeDestroy or onBeforeUnmount if you are building for Native App

    Vue Router

            {
              path: '/auth/:provider/callback',
              component: {
                template: '<div class="auth-component"></div>'
              }
            },

    Vue is Done let move to backend config Laravel with Socialite

    Laravel Router

    Route::post('sociallogin/{provider}', 'Auth\AuthController@SocialSignup');
    
    // you need the post method to work with apple
    Route::post('auth/{provider}/callback', 'Auth\AuthAppController@AppleCode');
    
    Route::get('auth/{provider}/callback', 'OutController@index')->where('provider', '.*');
    

    OutController

    <?php
    
    namespace App\Http\Controllers;
    
    use Illuminate\Http\Request;
    
    class OutController extends Controller
    {
    
    
        public function __construct()
        {
    
        }
    
    
        public function index()
        {
    
          return view('welcome');
    
        }
    }
    

    Auth\AuthController

    <?php
    
    namespace App\Http\Controllers\Auth;
    
    use App\Http\Controllers\Controller;
    use Illuminate\Http\Request;
    
    use Socialite;
    
    class AuthController extends Controller
    {
    
    
        public function __construct()
        {
    
        }
    
      // note if you are using sign by apple you need this
        public function AppleCode(Request $r, $provider)
        {
           // you can get apple code or finish all the process once passing $r->user & $r->id_token optional depend on what you can to achieve
            if ($r->user && $r->user !== true) {
                $user = json_decode($r->user, true);
                Cache::put($r->state, $user, now()->addMinutes(5));
            }
            return redirect($r->url() . '?code=' . $r->code . '&id_token=' . $r->id_token . '&state=' . $r->state . '&user=' . $r->user);
        }
    
        public function SocialSignup(Request $r, $provider)
        {
           $validator = Validator::make($r->all(), [
                'code' => 'nullable|string',
                'hash' => 'nullable|string',
                'otp' => 'nullable|numeric',
                'token' => 'nullable|string',
                'secret' => 'nullable|string',
                'id_token' => 'nullable|string',
                'state' => 'nullable|string',
                'user' => 'nullable|string',
    
            ]);
            if ($validator->fails()) {
                return [
                    'message' => 'Incorrect Data Posted',
                    'status' => 445,
                ];
            }
    
            $hash = $this->clean($r->hash) ?? null;
            $hashuser = Cache::get($hash);
            if ($hashuser) {
                return $this->SocialSignup($r, $hashuser);
            }
            try {
                $user = Socialite::driver($provider)->stateless()->user();
                $getcacheUser = Cache::get($r->state);
                $token = $user->token ?? null;
                $refreshToken = $user->refreshToken ?? null;
                $expiresIn = $user->expiresIn ?? null;
                $tokenSecret = $user->tokenSecret ?? null;
                $id = $user->id ?? $user->getId();
                $nickname = $user->nickname ?? $user->getNickname();
                $firstName = $getcacheUser['name']['firstName']  ?? $user->name->firstName ?? null;
                $lastName = $getcacheUser['name']['lastName'] ?? $user->name->lastName ?? null;
                $name = $user->name ?? $firstName . ' ' . $lastName ?? null;
                $email = $getcacheUser['email']  ?? $user->getEmail();
                $profileImage = $user->getAvatar();
                $data =  [
                    'name' => $name,
                    'nickname' => $nickname,
                    'profileImage' => $profileImage,
                    'username' => '',
                    'email' => $email,
                    'provider' => $provider,
                    'provider_id' => $id,
                    'token' => $token,
                    'tokenSecret' => $tokenSecret,
                    'refreshToken' => $refreshToken,
                    'expiresIn' => $expiresIn,
    
                ];
    
                if ($email || $id) {
                    return $provider == 'twitch' ? $data : $this->SocialSignup($r, $data);
                }
    
            } catch (\Throwable $th) {
                logger($th);
            }
    
            return [
                    'message' => 'Unknow Error',
                    'status' => 445,
                ];
        }
    
    
        public function SocialSignupNext($request, $userdata)
        {
            $email = $this->xlean($userdata['email']);
            $provider = $this->clean($userdata['provider']);
            $provider_id = $this->clean($userdata['provider_id']);
            $name = $this->nlean($userdata['name']);
            $usr = User::where('email', $email)->get();
    
            $user =  $usr->where('provider', $provider)
                ->where('provider_id', $provider_id)
                ->first();
    
            if ($user) {
                return $this->SocialLogin($request, $user);
            }
            $user = $usr->first();
            if ($user) {
                $user->update([
    
                    'provider' => $provider,
                    'provider_id' => $provider_id,
    
                ]);
                return $this->SocialLogin($request, $user);
            }
            $u =  User::create([
                'name' => $name,
                'email' => $email,
                'provider' => $provider,
                'provider_id' => $provider_id,
    
            ]);
            // this is optional can be skip you can return your user data from here
            return $this->SocialLogin($request, $u);
        }
    
    
    
        public function SocialLogin($r, $user)
        {
    
            $hashid =  Str::random(12);
    
            // to verify additional security
            if ($user->google2fa_secret && !$this->mlean($r->otp)) {
                Cache::put($hashid, $user, now()->addMinutes(15));
                return [
                    'message' => 'Unauthorized',
                    'status' => 444,
                    'hash' => $hashid
                ];
            }
            // check 2fa
            if ($this->mlean($r->otp)) {
                $g = \Google2FA::verifyKeyNewer(
                    $user->google2fa_secret,
                    ($this->mlean($r->otp)),
                    $user->google2fa_ts
                );
                if (!$g) {
                    return [
                        'message' => '2FA Expired Or Incorrect Code',
                        'status' => 445
                    ];
                } else {
                    $user->update([
    
                        'google2fa_ts' => $g
    
                    ]);
                    // optional incase you are using passport oAuth
                    $tokenResult = $user->createToken('Personal Access Token');
                    $token = $tokenResult->token;
                    $token->save();
                    return [
                        'u' => [
                            'data' => $tokenResult->accessToken,
                            'user' => $user
                        ]
                    ];
                }
            }
    
            $tokenResult = $user->createToken('Personal Access Token');
            $token = $tokenResult->token;
            $token->save();
    
            return [
                'u' => [
                            'data' => $tokenResult->accessToken,
                            'user' => $user
                        ]
            ];
        }
    
    
    }
    

    EventServiceProvider.php for Apple

    <?php
    
    namespace App\Providers;
    
    use Illuminate\Auth\Events\Registered;
    use Illuminate\Auth\Listeners\SendEmailVerificationNotification;
    use Illuminate\Foundation\Support\Providers\EventServiceProvider as ServiceProvider;
    use Illuminate\Support\Facades\Event;
    
    class EventServiceProvider extends ServiceProvider
    {
        /**
         * The event listener mappings for the application.
         *
         * @var array
         */
        protected $listen = [
            Registered::class => [
                SendEmailVerificationNotification::class,
            ],
            \SocialiteProviders\Manager\SocialiteWasCalled::class => [
                // ... other providers
                'SocialiteProviders\\Twitch\\TwitchExtendSocialite@handle',
                'SocialiteProviders\\Apple\\AppleExtendSocialite@handle',
    
            ],
        ];
    
        /**
         * Register any events for your application.
         *
         * @return void
         */
        public function boot()
        {
            parent::boot();
    
            //
        }
    }
    
    

    services.php

    <?php
    
    return [
    
       // .....
    
        'twitter' => [
            'client_id'     => env('TWITTER_ID'),
            'client_secret' => env('TWITTER_SECRET'),
            'redirect'      => env('TWITTER_URL'),
        ],
    
        'facebook' => [
            'client_id'     => env('FACEBOOK_ID'),
            'client_secret' => env('FACEBOOK_SECRET'),
            'redirect'      => env('FACEBOOK_URL'),
        ],
    
        'github' => [
            'client_id'     => env('GITHUB_ID'),
            'client_secret' => env('GITHUB_SECRET'),
            'redirect'      => env('GITHUB_URL'),
        ],
    
        'google' => [
            'client_id'     => env('GOOGLE_ID'),
            'client_secret' => env('GOOGLE_SECRET'),
            'redirect'      => env('GOOGLE_URL'),
        ],
    
        'vkontakte' => [
            'client_id'     => env('VKONTAKTE_KEY'),
            'client_secret' => env('VKONTAKTE_SECRET'),
            'redirect'      => env('VKONTAKTE_REDIRECT_URI'),
        ],
    ];
    

    .env

    
    TWITTER_ID=Your ID
    TWITTER_SECRET=Your Secret
    TWITTER_URL=https://example.com/auth/twitter/callback
    
    FACEBOOK_ID=Your ID
    FACEBOOK_SECRET=Your Secret
    FACEBOOK_URL=https://example.com/auth/facebook/callback
    
    GITHUB_ID=Your ID
    GITHUB_SECRET=Your Secret
    GITHUB_URL=https://example.com/auth/github/callback
    
    GOOGLE_ID=Your ID
    GOOGLE_SECRET=Your Secret
    GOOGLE_URL=https://example.com/auth/google/callback
    
    VKONTAKTE_KEY=Your ID
    VKONTAKTE_SECRET=Your Secret
    VKONTAKTE_REDIRECT_URI=https://example.com/auth/vkontakte/callback
    
    

    VerifyCsrfToken Middleware

    you may need to disable Csrf for the route if you receive Error: Request failed with status code 419

    <?php
    
    namespace App\Http\Middleware;
    
    use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
    
    class VerifyCsrfToken extends Middleware
    {
        /**
         * The URIs that should be excluded from CSRF verification.
         *
         * @var array
         */
        protected $except = [
    
            '/sociallogin/*'
        ];
    }
    

    if any issue check

    if you wish you can buy me a coffee @ Patreon

    License

    The MIT License (MIT)

    Copyright (c) 2018 Diadal Nig LTD

    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

    The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

    Install

    npm i universal-social-auth

    DownloadsWeekly Downloads

    74

    Version

    0.2.5

    License

    MIT

    Unpacked Size

    48.6 kB

    Total Files

    17

    Last publish

    Collaborators

    • avatar