Skip to content

diadal/universal-social-auth

Repository files navigation

Known Vulnerabilities

universal-social-auth

SPA universal social auth

Laravel

Php

Vue2

Vue3

Nuxt

React

Angularjs

More

if you wish you can buy me a coffee @ Patreon

universal-social-auth is easily configurable solution for frontend frameworks Vue2.js, Vue3.js, Nuxtjs, React, Angularjs, Otherjs Framework that support TypeScript & JavaScript & backend frameworks Laravel and Other Php Frameworks with Socialite that provides Social login using Github, Facebook, Google, Vkontakte and other OAuth providers can also work with Nodejs backend App.

NOTE: 10x faster then vue-social-auth and less file sizes

looking for old version vue-social-auth

WARNING: Default request library is Axios.

NOTE: It also works with any PHP with Socialite

NOTE: New features*

1: Ability to add none existing provider

2: Importation only Required provider

3: No more Buffer functions were called based on user requests or needs

4: Optional how to handle addition security validation like 2fa Email code if enabled by the user after first login

5: Support for Native App framework Capacitorjs, Ionic, Cordova, Nativescript & More

Default Provider: Apple Facebook Google Github Instagram Twitter Bitbucket Linkedin Vkontakte Live Oauth1, Oauth2 & Twitch

NOTE: PR of New Provider can be submitted default location src/providers/index.ts(https://github.com/diadal/universal-social-auth/src/providers/index.ts)

Supported OAuth providers and configurations

Installation

First install Socialite

NOTE: Make sure you config your Socialite configuration data in services.php & .env for more details check https://socialiteproviders.netlify.com/

composer require laravel/socialite
or
composer require socialiteproviders/github

Next install universal-social-auth

npm install universal-social-auth

Vue3 Example (https://github.com/diadal/universal-social-auth-test-vue3)

Vue2 Example (https://github.com/diadal/universal-social-auth-test-vu2)

Usage

for Native App Frameworks config your APp to support Deep Link I used capacitorjs as an example and use Emitter to pass data to page component

// Optional for Native App main.[js|ts] or app.[js|ts]
 App.addListener('appUrlOpen', function (data) {
    const slug = data.url.split('.com').pop()
    if (slug) {
     /// redirectUri: 'https://myapp.com/auth/github/callback'
       const callback ='/callback' //string from reirectUri make this unique
       const code = slug.split('code=').pop()
       const checker = slug?.toString().includes(callback) && code
       if (checker) {
         emitter.emit('OauthCall', code)
       }
       else{
            router.push({
            path: slug
          })
       }

    }
  })


import axios, { AxiosInstance } from 'axios'
import UniversalSocialauth from 'universal-social-auth'
or import {UniversalSocialauth} from 'universal-social-auth'


`Vue3` declare module '@vue/runtime-core' {
            interface ComponentCustomProperties {
                $axios: AxiosInstance;
                $Oauth: UniversalSocialauth;

            }
            }
const options = {
  providers: {
    apple: {
      nonce: '**************',
      state: '**************',
      clientId: '**************',
      responseMode: 'form_post',
      response_type: 'code  id_token',
      optionalUrlParams: ['response_mode', 'use_popup', 'state'],
      usePopup: true,
      redirectUri: 'https://myapp.com/auth/github/callback'
    },
    github: {
      clientId: '**************',
      redirectUri: 'https://myapp.com/auth/github/callback'
    },
    google: {
      clientId: '***************',
      redirectUri: 'https://myapp.com/auth/google/callback'
    },
    facebook: {
      clientId: '************',
      redirectUri: 'https://myapp.com/auth/facebook/callback'
    },
    twitter: {
      url: 'https://myapp.com/auth/twitter',
      clientId: '********',
      redirectUri: 'https://myapp.com/auth/twitter/callback'
    }
  }
}

const Oauth:UniversalSocialauth = new UniversalSocialauth(axios, options)


`Vue2` Vue.prototype.$axios = axios
`Vue2` Vue.prototype.$Oauth = Oauth

`Vue3` app.config.globalProperties.$Oauth = Oauth
`Vue3` app.config.globalProperties.$axios = axios

`Other Framework` based on your global declaration

Button Method 1 note the null value this equal null if you import all provider

<button @click="useAuthProvider('github', null)">auth Github</button>
<button @click="useAuthProvider('facebook', null)">auth Facebook</button>
<button @click="useAuthProvider('google', null)">auth Google</button>
<button @click="useAuthProvider('twitter', null)">auth Twitter</button>

Button Method 2 note the note provider name eg: Github each provider must the imported individually & custom provider can be added eg: <button @click="useAuthProvider('mycustom', Mycustom)">auth Mycustom</button> this give ability to add none existing Provider

<button @click="useAuthProvider('github', Github)">auth Github</button>
<button @click="useAuthProvider('facebook', Facebook)">auth Facebook</button>
<button @click="useAuthProvider('google', Google)">auth Google</button>
<button @click="useAuthProvider('twitter', Twitter)">auth Twitter</button>
<button @click="useAuthProvider('mycustom', Mycustom)">auth Mycustom</button>

View Component

<script lang="ts">

import {
  getCurrentInstance,
  ComponentCustomProperties,
  ComponentInternalInstance,
} from 'vue';
import { ProderT } from 'universal-social-auth/dist/providers'

// Button Method 1
import { Providers} from 'universal-social-auth'

// Button Method 2
import { Github, Facebook, Google , Twitter} from 'universal-social-auth'
const MycustomProvider = {

    // Mycustom provider datas
}

const globalProperties = <ComponentInternalInstance>getCurrentInstance();
const box: ComponentCustomProperties = <ComponentCustomProperties>(
  globalProperties.appContext.config.globalProperties
);

// Below are the functions to use inside you export default be `Vue3 Setup()` or `Vue2 data()` or other `Framework`

 function useAuthProvider (provider:string, proData:Record<string, unknown>| null) {
      const pro = <ProderT>proData

      const ProData = pro || <ProderT>Providers[provider]
      box.$Oauth.authenticate(provider, ProData).then((response) => {
        const rsp:{code:string} = <{code:string}>response
        if (rsp.code) {
          responseData.value.code = rsp.code
          responseData.value.provider = provider
          useSocialLogin()
        }
      }).catch((err:unknown) => {
        console.log(err)
      })
    }


async function useLoginFirst (e: User) {
    // this sample of how to pust user data to my store
      const firstlogin: boolean = await box.$auth.firstlogin(e)
      if (firstlogin) {
        
       const msg = `Welcome To My App`
        alert(msg)
        await box.$router.push({ name: 'dashboard' })
        return
      }
    }

  function useSocialLogin () {
      // otp from input Otp form
      // hash user data in your backend with Cache or save to database
      const pdata = { code: responseData.value.code, otp: data.value.tok, hash: hash.value }
      box.$axios.post('/social-login/' + responseData.value.provider, pdata).then(async (response) => {
          // `response` data base on your backend config
        if (response.data.status === 444) {
          hash.value = response.data.hash
          fauth.value = true // Option show Otp form incase you using 2fa or any addition security apply to your app you can handle all that from here

        }else if (response.data.status === 445) {
          //do something Optional

        }else {

          await useLoginFirst(response.data.u)
        }
      }).catch((err:unknown) => {

        console.log(err)
      })
    }
// Optional for Native App listen to the event `OauthCall` from your page component main.[js|ts] or app.[js|ts]

    emitter.on('OauthCall',  (e) => {
      if(e){

        responseData.value.code = e
        useSocialLogin()

      }


    })


</script>

NOTE: Dont forget to off emitter beforeDestroy or onBeforeUnmount if you are building for Native App also must redirect back to the same domain

Vue Router

        {
          path: '/auth/:provider/callback',
          component: {
            template: '<div class="auth-component"></div>'
          }
        },

Vue is Done let move to backend config Laravel with Socialite

Laravel Router

Route::post('sociallogin/{provider}', 'Auth\AuthController@SocialSignup');

// you need the post method to work with apple
Route::post('auth/{provider}/callback', 'Auth\AuthAppController@AppleCode');

Route::get('auth/{provider}/callback', 'OutController@index')->where('provider', '.*');

OutController

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;

class OutController extends Controller
{


    public function __construct()
    {

    }


    public function index()
    {

      return view('welcome');

    }
}

Auth\AuthController

<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use Illuminate\Http\Request;

use Socialite;

class AuthController extends Controller
{


    public function __construct()
    {

    }

  // note if you are using sign by apple you need this
    public function AppleCode(Request $r, $provider)
    {
        //You can get apple code or finish all the process once
        return redirect($r->url() . '?code=' . $r->code);
    }

    public function SocialSignup(Request $r, $provider)
    {
        $validator = Validator::make($r->all(), [
            'code' => 'nullable|string',
            'hash' => 'nullable|string',
            'otp' => 'nullable|numeric',
            'token' => 'nullable|string',
            'secret' => 'nullable|string',

        ]);
        if ($validator->fails()) {
            return [
                'message' => 'Incorrect Data Posted',
                'status' => 445,
            ];
        }

        $hash = $r->hash ?? null;
        $hashuser = Cache::get($hash);
        if ($hashuser) {
            return $this->SocialSignupNext($r, $hashuser);
        }
        try {
            // Socialite will pick response data automatic
            $user = Socialite::driver($provider)->stateless()->user();
           $token = $user->token ?? null;
            $refreshToken = $user->refreshToken ?? null;
            $expiresIn = $user->expiresIn ?? null;
            $tokenSecret = $user->tokenSecret ?? null;
            $id = $user->id ?? $user->getId();
            $nickname = $user->nickname ?? $user->getNickname();
            $firstName = $user->name->firstName ?? null;
            $lastName = $user->name->lastName ?? null;
            $name = $user->name ?? $firstName . ' ' . $lastName ?? null;
            $email = $user->getEmail();
            $profileImage = $user->getAvatar();

             $data =  [
                'name' => $name,
                'nickname' => $nickname,
                'profileImage' => $profileImage,
                'username' => '',
                'email' => $email,
                'provider' => $provider,
                'provider_id' => $id,
                'token' => $token,
                'tokenSecret' => $tokenSecret,
                'refreshToken' => $refreshToken,
                'expiresIn' => $expiresIn,

            ];
        // this is optional can be skip you can return your user data from here
        if($email){

        return $this->SocialSignupNext($r, $data);

        }

        } catch (\Throwable $th) {
            logger($th);
        }

        return [
                'message' => 'Unknow Error',
                'status' => 445,
            ];
    }


    public function SocialSignupNext($request, $userdata)
    {
        $email = $userdata['email'];
        $provider = $userdata['provider'];
        $provider_id = $userdata['provider_id'];
        $name = $userdata['name'];
        $usr = User::where('email', $email)->get();

        $user =  $usr->where('provider', $provider)
            ->where('provider_id', $provider_id)
            ->first();

        if ($user) {
            return $this->SocialLogin($request, $user);
        }
        $user = $usr->first();
        if ($user) {
            $user->update([

                'provider' => $provider,
                'provider_id' => $provider_id,

            ]);
            return $this->SocialLogin($request, $user);
        }
        $u =  User::create([
            'name' => $name,
            'email' => $email,
            'provider' => $provider,
            'provider_id' => $provider_id,

        ]);
        // this is optional can be skip you can return your user data from here
        return $this->SocialLogin($request, $u);
    }



    public function SocialLogin($r, $user)
    {

        $hashid =  Str::random(12);

        // to verify additional security
        if ($user->google2fa_secret && !$this->mlean($r->otp)) {
            Cache::put($hashid, $user, now()->addMinutes(15));
            return [
                'message' => 'Unauthorized',
                'status' => 444,
                'hash' => $hashid
            ];
        }
        // check 2fa
        if ($this->mlean($r->otp)) {
            $g = \Google2FA::verifyKeyNewer(
                $user->google2fa_secret,
                ($this->mlean($r->otp)),
                $user->google2fa_ts
            );
            if (!$g) {
                return [
                    'message' => '2FA Expired Or Incorrect Code',
                    'status' => 445
                ];
            } else {
                $user->update([

                    'google2fa_ts' => $g

                ]);
                // optional incase you are using passport oAuth
                $tokenResult = $user->createToken('Personal Access Token');
                $token = $tokenResult->token;
                $token->save();
                return [
                    'u' => [
                        'data' => $tokenResult->accessToken,
                        'user' => $user
                    ]
                ];
            }
        }

        $tokenResult = $user->createToken('Personal Access Token');
        $token = $tokenResult->token;
        $token->save();

        return [
            'u' => [
                        'data' => $tokenResult->accessToken,
                        'user' => $user
                    ]
        ];
    }


}

EventServiceProvider.php for Apple

<?php

namespace App\Providers;

use Illuminate\Auth\Events\Registered;
use Illuminate\Auth\Listeners\SendEmailVerificationNotification;
use Illuminate\Foundation\Support\Providers\EventServiceProvider as ServiceProvider;
use Illuminate\Support\Facades\Event;

class EventServiceProvider extends ServiceProvider
{
    /**
     * The event listener mappings for the application.
     *
     * @var array
     */
    protected $listen = [
        Registered::class => [
            SendEmailVerificationNotification::class,
        ],
        \SocialiteProviders\Manager\SocialiteWasCalled::class => [
            // ... other providers
            'SocialiteProviders\\Twitch\\TwitchExtendSocialite@handle',
            'SocialiteProviders\\Apple\\AppleExtendSocialite@handle',

        ],
    ];

    /**
     * Register any events for your application.
     *
     * @return void
     */
    public function boot()
    {
        parent::boot();

        //
    }
}

services.php

<?php

return [

   // .....

    'twitter' => [
        'client_id'     => env('TWITTER_ID'),
        'client_secret' => env('TWITTER_SECRET'),
        'redirect'      => env('TWITTER_URL'),
    ],

    'facebook' => [
        'client_id'     => env('FACEBOOK_ID'),
        'client_secret' => env('FACEBOOK_SECRET'),
        'redirect'      => env('FACEBOOK_URL'),
    ],

    'github' => [
        'client_id'     => env('GITHUB_ID'),
        'client_secret' => env('GITHUB_SECRET'),
        'redirect'      => env('GITHUB_URL'),
    ],

    'google' => [
        'client_id'     => env('GOOGLE_ID'),
        'client_secret' => env('GOOGLE_SECRET'),
        'redirect'      => env('GOOGLE_URL'),
    ],

    'vkontakte' => [
        'client_id'     => env('VKONTAKTE_KEY'),
        'client_secret' => env('VKONTAKTE_SECRET'),
        'redirect'      => env('VKONTAKTE_REDIRECT_URI'),
    ],
];

.env


TWITTER_ID=Your ID
TWITTER_SECRET=Your Secret
TWITTER_URL=https://example.com/auth/twitter/callback

FACEBOOK_ID=Your ID
FACEBOOK_SECRET=Your Secret
FACEBOOK_URL=https://example.com/auth/facebook/callback

GITHUB_ID=Your ID
GITHUB_SECRET=Your Secret
GITHUB_URL=https://example.com/auth/github/callback

GOOGLE_ID=Your ID
GOOGLE_SECRET=Your Secret
GOOGLE_URL=https://example.com/auth/google/callback

VKONTAKTE_KEY=Your ID
VKONTAKTE_SECRET=Your Secret
VKONTAKTE_REDIRECT_URI=https://example.com/auth/vkontakte/callback

VerifyCsrfToken Middleware

you may need to disable Csrf for the route if you receive Error: Request failed with status code 419

<?php

namespace App\Http\Middleware;

use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;

class VerifyCsrfToken extends Middleware
{
    /**
     * The URIs that should be excluded from CSRF verification.
     *
     * @var array
     */
    protected $except = [

        '/sociallogin/*'
    ];
}

if any issue check

if you wish you can buy me a coffee @ Patreon

License

The MIT License (MIT)

Copyright (c) 2018 Diadal Nig LTD

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

About

SPA universal social auth

Resources

License

Security policy

Stars

Watchers

Forks

Releases

No releases published

Sponsor this project

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •