Ends in:
2 DAYS
14 HRS
20 MIN
50 SEC
Ends in:
2 D
14 H
20 M
50 S
Open Closed

How to authenticate from Vue JS app #4292


User avatar
0
rogercprops created

We're using App Commercial and the Microservices template.

We want to build a custom UI with Vue JS as the front end and using the API's in the micro-services on the back end. I'm having a hard time figuring out which services and API(s) to use to login a user to get an access token and the permissions for their roles.

It seems the login from a web app is only through a redirect to the MVC Authentication app. Is that accurate?

If not, can someone guide me?

Thank you.


5 Answer(s)
  • User Avatar
    1
    maliming created
    Support Team Fullstack Developer

    It seems the login from a web app is only through a redirect to the MVC Authentication app. Is that accurate?

    hi

    You can use oauth2-oidc library in vue like angular-oauth2-oidc

    abp supports authorization code and password grant types to get access token and id token.

    https://developer.okta.com/blog/2018/04/10/oauth-authorization-code-grant-type https://developer.okta.com/blog/2018/06/29/what-is-the-oauth2-password-grant#the-oauth-20-password-grant

  • User Avatar
    0
    rogercprops created

    It seems the login from a web app is only through a redirect to the MVC Authentication app. Is that accurate?

    hi

    You can use oauth2-oidc library in vue like angular-oauth2-oidc

    abp supports authorization code and password grant types to get access token and id token.

    https://developer.okta.com/blog/2018/04/10/oauth-authorization-code-grant-type https://developer.okta.com/blog/2018/06/29/what-is-the-oauth2-password-grant#the-oauth-20-password-grant

    Thank you but that doesn't really answer my question.

    We'd like to use the abp modules/libraries rather than write our own OAUTH flow.

    Going through the code on GitHub it looks like the login route (for example) is used in the Nuget package that contains the MVC app. abp/modules/account/src/Volo.Abp.Account.HttpApi/Volo/Abp/Account/AccountController.cs

    What I'd like to know is if those routes can be exposed as external REST API's that can be called using Axios or Ajax from the Vuejs app.

    Thanks

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    We'd like to use the abp modules/libraries rather than write our own OAUTH flow.

    The template project is already integrated with Identity Server or OpenIddict. You don't need to write any code.

    What I'd like to know is if those routes can be exposed as external REST API's that can be called using Axios or Ajax from the Vuejs app.

    On the contrary if AJAX returns token this may require more code.

  • User Avatar
    0
    rogercprops created

    We'd like to use the abp modules/libraries rather than write our own OAUTH flow.

    The template project is already integrated with Identity Server or OpenIddict. You don't need to write any code.

    What I'd like to know is if those routes can be exposed as external REST API's that can be called using Axios or Ajax from the Vuejs app. yo

    On the contrary if AJAX returns token this may require more code.

    Hi and thanks again for your quick response. I may not be asking the question correctly so I'll try to be more specific.

    We need to be able to get the authentication / authorization credentials that are used in the [Authorize] interface of the microservices.

    We will have a custom web application built with Vuejs and we will also need to expose REST API's to some of our clients who are using other applications.

    So, the work flow would look something like this:

    1. Web application or external application calls a login API to authenticate the user/system and get an access token and other credentials back.
    2. Web application or external application access other microservices via REST APIs or an API gateway, passing the appropriate authorization credentials in the API request headers.
    3. Our Vuejs web application would also use the user's roles and permissions to control what is accessible in the UI.

    We do not want a redirect to another application UI for authentication given that we'll also have external applications accessing the API's directly.

    I realize we'll have additional code to write, but can we use the Abp modules (specifically Account, Identity and OpendIDDict) for the above using only REST API's? If so, how would we go about doing that?

    Thanks

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    You can call the token endpoint with username and password to get access_token, Then you can use this token to call the API, same as the web application.

    https://identityserver4.readthedocs.io/en/aspnetcore1/quickstarts/2_resource_owner_passwords.html https://developer.okta.com/blog/2018/06/29/what-is-the-oauth2-password-grant#the-oauth-20-password-gran,t

Made with ❤️ on ABP v9.1.0-preview. Updated on December 02, 2024, 12:35