Does DerbyJS in current shape can implement authentication, if yes what's best way to do it? of not is their any work around to do it?
I'm very happy to share that Derby has released the first version of Access Control at the Racer level. Initial details are in the Racer package at https://github.com/codeparty/racer/blob/master/src/accessControl/README.md.
You track its ongoing progress with this github issue - https://github.com/codeparty/derby/issues/47#issuecomment-6337980
Use the derby-auth npm module: https://github.com/lefnire/derby-auth
No it does not yet, although the developers have said that it's one of the top things that they're working on. https://twitter.com/#!/derbyjs/status/194463304440221698
You might be able to build it in to your application, but at this point it doesn't really seem worth it. Unless you need it ASAP, I'd just wait until the developers officially release integrated auth.
You could simply use a reverse proxy to provide the security and https termination.
I'm currently trying NGINX.
Restrict the Derby server to listen on localhost and get NGINX to be the https terminator along with providing Basic Auth - or work up your own form-based login in Derby and keep NGINX as the https terminator/proxy.
You can already achieve simple authentication with the current feature set of Derby and Racer. Look at the source of the chat example for some inspiration.
There's also an open-source Derby app called HabitRPG which brought this a little further. The developer is working on integrating EveryAuth into the authentication process.
Also, an official EveryAuth example is to be expected from the authors of Derby and Racer in the coming weeks.
see the "auth" example in
https://github.com/codeparty/derby-examples
just committed this pull request ::
https://github.com/redaktor/derby-examples/commit/0edbbcc7e471e4c2441cfbd4e969007024bfd06e
it is not merged yet but if you change the 2 lines from the pull request as well, everything should work out of the box.
The newest derby module for login is here github.com/derbyparty/derby-login
Related
I want to create a background service that keeps sending device's location to the server even when the application is not running.
I tried the background-geolocation and background-mode plugins,but it didn't work as i want.
Can you help me please?
I do not think ionic provides this kind of functionality.
Do enlighten me if there's a github library for that.
Your best bet would be native android , in which u may want to look at the following regarding to sticky service.
Link Here Offical Docs Or Link2 Github
PS: You might want to consider the reason of your application regards to background collection of user location data. It might be a infringement of privacy and might be a violation to privacy laws in some countries.
I'm trying to implement a OAuth2 appcelerator connector for Studio to connect to a wordpress (WP has installed plugins REST API, OAuth2 server). And appcelerator download this module https://github.com/JiriChara/titanium-oauth2-client, but it is a version of 2012 which certainly has flaws. Unfortunately I could not make them work together.
I want to ask the community (Since it is the first time I am developing this type of connection between an app and a website in wordpress), if they have any solution please.
Thank you very much
I think that since the oAuth protocol hasn't changed, you should still be able to use that library you linked to. I see that it hasn't been updated in a while - and maybe that's because there is nothing to update.
If you encounter specific problems using the library you can clone the source and try to fix (maybe even revive the project and push back to GIT).
Basically, oAuth is a set of HTTP calls - so you can write it on your own. But since a lot of the job was already made in that module I would try to get it working and push whatever fixes I can so others searching for the same thing can enjoy it as well.
Take a look at this repo. It is an Appcelerator Titanium widget that was written to work with Azure oAuth2 but it would only take slight modifications to make it work with other oAuth2 systems. I was successful doing this for a recent project.
https://github.com/grantges/co.grantges.azure.adal
The first is that they can update the code (include to require) . I also try to take this module, but does not work .
regards
I know there are some packages like derby-auth, every-auth etc., that were written by the community/derby developers.
After a research I noticed that almost all the answers about the authentication mechanics in derby are pretty much a year old. Were there any changes? Is there a "derby" way to manage a simple username/password user authentication?
The official derby documentation says:
Access control
A basic access control mechanism is implemented, but it isn’t documented quite yet. An example is coming soon.
You can mix up your own authentication service, but the key point wold be - is there a way to properly secure you collections to prevent client side intrusion?
EDIT:
I can't find anywhere an example of a simple login and data lock! Is there a way to lock down collections and restrict some of the CRUD methods, like in MeteorJs? Right now, even with the derby-auth package, I am fully capable of mutating the model data trough the browser console, without being logged in.
Such a great framework, but this leak of documentation destroys it all..
AFAIK that is still work in progress: derby is still far from being production ready.
I'm working on a package called derby-passport, which is basically a fork of derby-auth, and I don't think any of these packages is actually an answer to you question. Not yet.
I'm developing a public e-commerce site in NodeJS and MongoDB, and I'm using forever instead of nginx or anything like that. (please let me know if I'm totally insane for doing this and why before I get too far along :)
As part of this site I need to calculate shipping, but I need to know that the numbers are spot on because I want to charge customers at checkout.
How could I set this up with Node.js?
I kind of have one solution, but I have no guarantee that it's accurate. Has anyone dealt with the UPS APIs using Node?
Thanks in advance for your help
Someone named Jesse D. Pate has developed a native UPS API. I have no idea if it's worthwhile, but the github repo is here, and it can be installed and toyed around with via
npm install ups_node
I think I've got it figured out ...now to start a Github project
This is a universal way to do it:
I modified the ./RatingPackage/PACKAGEXMLTools/Rate_Tool_SampleRequest.xml to include my information then I saved it as testRequest.xml then I posted it to https://wwwcie.ups.com/ups.app/xml/Rate (their test server) using the command
curl -X POST -d "`less testRequest.xml`" https://wwwcie.ups.com/ups.app/xml/Rate
and it returns an XML document that can then be converted to the (superior) json format and used in a web app.
I developed a node module with support for more functionality (and will continue improving) of the UPS API. With this module you can provide rating information, create a shipment, produce a label, void a shipment, track shipments, and perform address validation.
Check it out:
npm install shipping-ups
Read docs here: https://github.com/typefoo/node-shipping-ups
I want to create something similar to Heroku (first I was thinking in EngineYard-like but I prefer Heroku) for node.js (I know they already support node.). However, It's for a personal project so it doesn't need to be anything overcomplicated or super expensive. I believe I can learn a lot creating a product like this.
Before I start, I have several doubts:
Heroku uses a reverse proxy to receive the requests. However, reverse proxy doesn't work fine with websockets. How can this be fixed?
1 instance supports several dynos. How can an instance be divided by RAM, processing, etc?
I guess if I have an answer to the last questions I'll be able to create a route mesh. However, what can be the tricks here?
Regards.
Donalds
So you want to be a node Paas?
Nodejitsu opensourced their hosting solution: haibu (Japanese for Hive). It's well documented and you'll also get real time support if you hope onto #nodejitsu on efnet irc network.
As a user of their service, I can vouch for the simplicity of the solution. You use their client jitsu to provision, configure and deploy the applications. Applications are watched over by their tweaked version of forever.
Go for the simplest possible implementation.
Use HAProxy, Apache Traffic Server or
mongrel2 as your reverse proxy. They
all support the HTTP 1.1 protocol and
should work with websockets.
Don't worry about limiting resources.
Also don't worry about a routing mesh.
Just update and reload the
config on your reverse proxy any time
you're spinning up a backend process.
Good luck.