Authentication
This provides a comprehensive interface for authentication management within a Genesis Server endpoint environment. It encapsulates the entire authentication flow, from login to logout, including session management and user state observability.
Interfaces and classes
Auth interface
- Description: Main interface for authentication operations.
- Key Properties:
isWorking: Indicates ongoing authentication processes.isLoggedIn: Boolean flag denoting user's login state.isLoggedIn$: Observable for reactive login state tracking.currentUser: Reference to the currently authenticated user.
- Key Methods:
login(credentials: AuthInfo): Authenticates a user with provided credentials.logout(): Logs out the current user.reAuthFromSession(): Attempts re-authentication using existing session data.
DefaultAuth class
- Description: Default implementation of the
Authinterface. - Behavior:
- Manages user authentication state, including login, logout, and session-based re-authentication.
- Utilizes
Session,Connect,MessageBuilder, andCredentialManagerfor managing authentication flows and session information. - Emits changes in login state through a
BehaviorSubject, allowing reactive components to respond to authentication state changes.
Authentication process
-
Login:
- Invokes
login()with user credentials. - Constructs and sends a login message to the server.
- On successful authentication, session details are stored, and the user state is updated.
- Invokes
-
Logout:
- Invokes
logout(). - Sends a logout message to the server.
- Clears session data and updates user state accordingly.
- Invokes
-
Re-Authentication:
- Utilizes
reAuthFromSession()for session-based user re-authentication. - Checks for valid session information and attempts to re-authenticate the user without requiring credential input.
- Utilizes
Observing user login state
The module provides isLoggedIn$, an Observable that emits boolean values representing the user's login state. This allows components and services to reactively respond to changes in authentication state, enhancing dynamic UI updates and state-dependent functionality.
Usage Example
import { Auth, BasicAuthInfo, AuthType } from '@genesislcap/foundation-comms';
export class MyExampleClass {
@Auth auth: Auth;
async function loginUser() {
const credentials: BasicAuthInfo = {
type: AuthType.BASIC,
username: 'user@example.com',
password: 'password123',
};
try {
const result = await this.auth.login(credentials);
console.log('Login successful:', result);
} catch (error) {
console.error('Login failed:', error);
}
}
async function logoutUser() {
try {
await this.auth.logout();
console.log('Logout successful');
} catch (error) {
console.error('Logout failed:', error);
}
}
async function reAuthenticateUser() {
try {
await this.auth.reAuthFromSession();
console.log('Re-authentication successful');
} catch (error) {
console.error('Re-authentication failed:', error);
}
}
}
Extending and customizing
- Custom Authentication Strategies: Implement the
Authinterface to introduce custom authentication mechanisms or integrate with external identity providers. - Session Management: Leverage the
Sessionservice for enhanced session persistence and management strategies, supporting complex scenarios like token refresh or multi-factor authentication processes.
Considerations
- Security: Ensure secure handling of user credentials and session data, following best practices for data protection and secure communication.
- Session Expiry: Implement session expiry and renewal mechanisms to maintain user sessions securely and prevent unauthorized access.
- Error Handling: Handle authentication errors gracefully, providing clear feedback to users and logging detailed error information for troubleshooting.