Skip to content

A reset password mixin for loopback. This package is a plug and play solution for reset password functionality with loopback and AWS-SES

Notifications You must be signed in to change notification settings

icarustechdev/loopback-auth-utility-mixin

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Loopback Reset Password Mixin

This module is written for Strongloop Loopback. This module automatically adds reset password functionality for your loopback project. It implements a loopback mixing object to add reset password feature.

Plug And Play

Loopback Reset Password Mixin is a plug and play solution for setting up reset password with your loopback project. This Module comes with an inbuilt UI and template for reset password, and confirm new password page, so you don't have to write any HTML, CSS, JS code to use this mixin.

Dependencies

This module uses AWS-SES and nodemailer for sending Emails. Right now only AWS-SES is supported in this module. If you want to use any other transporter, you are welcome to submit a Pull Request for that.

Installation

npm install loopback-reset-password-mixin --save

Configuration

  1. Install it ( If using with docker):

    docker-compose run builder npm install https://github.com/aquid/loopback-reset-password-mixin
    docker-compose run builder npm shrinkwrap
    
  2. The mixin should be added to any model class which prototypically inherits from loopback's User model

  3. Let's say you decided to name the model Employee

  4. Add common/models/employee.js

    module.exports = function(Employee) {
    };
    
  5. Add common/models/employee.json

    {
      "name": "Employee",
      "base": "User",
      "idInjection": true,
      "options": {
        "validateUpsert": true
      },
      "properties": {
        "name": {
          "type": "string",
          "required": true,
          "default": "NA"
        }
      },
      "validations": [],
      "relations": {},
      "acls": [],
      "methods": {}
    }
    
  6. Add the following mixin configuration into the common/models/employee.json file

    "mixins": {
      "ResetPassword": {}
    }
    
  7. After the changes it will end up looking like:

    {
      "name": "Employee",
      "base": "User",
      "idInjection": true,
      "options": {
        "validateUpsert": true
      },
      "properties": {
        "name": {
          "type": "string",
          "required": true,
          "default": "NA"
        }
      },
      "validations": [],
      "relations": {},
      "acls": [],
      "methods": {},
      "mixins": {
        "ResetPassword": {}
      }
    }
    
  8. Add the employee model at the bottom of server/model-config.json file

      , "Employee": {
        "dataSource": "mongodb",
        "public": true
      }
    
  9. Add the following to server/model-config.json file

    'mixins': [
      '../node_modules/loopback-reset-password-mixin'
    ]
    
    1. Before the changes, server/model-config.json file will look like:

      {
        "_meta": {
          "sources": [
            "loopback/common/models",
            "loopback/server/models",
            "../common/models",
            "./models"
          ],
          "mixins": [
            "loopback/common/mixins",
            "loopback/server/mixins",
            "../common/mixins",
            "./mixins"
          ]
        },
        ...
      
    2. After the changes server/model-config.json will look like:

      {
        "_meta": {
          "sources": [
            "loopback/common/models",
            "loopback/server/models",
            "../common/models",
            "./models"
          ],
          "mixins": [
            "loopback/common/mixins",
            "loopback/server/mixins",
            "../common/mixins",
            "../node_modules/loopback-reset-password-mixin",
            "./mixins"
          ]
        },
        ...
      
  10. Please do not copy/paste the ... above like a silly person.

  11. Add body-parser middleware and env vars for AWS into server/middleware.json

    1. Before the changes, file is like:

      "parse": {},
      
    2. After the changes:

      "parse": {
         "body-parser#json": {},
         "body-parser#urlencoded": {"params": { "extended": true }}
      },
      
  12. Add "protocol": "http || https", to the server/config.json file

  13. Check if your config.json file have host and port defined. If not, please add them like

        "host": "0.0.0.0",
        "port": "3000",
    
  14. You will need to setup your SES on AWS for yourself.

  15. Then setup the following SES environment variables in your environment

    • AWS_ACCESS_KEY_ID=value
    • AWS_SECRET_ACCESS_KEY=value
    • AWS_DEFAULT_REGION=value
    • RESET_PASSWORD_EMAIL=value (eg: [email protected])
  16. Start your API server

  17. In a separate terminal, make an API request to create an employee:

    curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' -d '{
      "name": "User One",
      "username": "user1",
      "email": "[email protected]",
      "password": "user1"
    }' 'http://localhost:3000/api/1.0/Employees'
    

    It should be successful.

  18. Attempt a login:

    curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' -d '{
      "username":"user1",
      "password":"user1"
    }' 'http://localhost:3000/api/1.0/Employees/login'
    

    It should be successful.

  19. Browse to http://localhost:3000/request-password-reset

  20. Provide the email for password change

  21. Wait and watch to make sure you receive the email

  22. Use the link in the email to reset the password

  23. The previous login should fail:

    curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' -d '{
      "username":"user1",
      "password":"user1"
    }' 'http://localhost:3000/api/1.0/Employees/login'
    
  24. But logging in with new password should work

  25. Done!

NOTE

To send emails using AWS-SES you need to verify the domain or email that you want to act as a source for your reset password emails. You can see verify email and domains process in the link provided.

About

A reset password mixin for loopback. This package is a plug and play solution for reset password functionality with loopback and AWS-SES

Resources

Stars

Watchers

Forks

Packages

No packages published

Languages

  • HTML 78.0%
  • JavaScript 22.0%