Hello core developers,
I was wondering whether it is worth considering moving away from Passport JS, since Passport, this key authentication wrapper, appears to be barely maintained lately? This probably applies more to Feathers Docs + CLI, but I thought I would get some attention here? Cheers
This is actually good timing, since I have started looking into framework-independent ways of doing authentication. If you are using Feathers with an Express, Koa or Hapi transport, I am fine with only supporting oAuth.
Unfortunately, this could mean a fairly significant breaking change, which is risky given that authentication seems to be the hardest part of Feathers for people.
This lib might be useful:
https://github.com/ianstormtaylor/permit
The big selling point of Passport is its ecosystem (this also applies to Express in general, since Passport is an important part of that ecosystem). Grant is the most viable alternative to Passport, but it is not as developed as Passport and lacks features (no passport-local).
Investing in making Passport framework-agnostic is a hassle, but I think it is the only way to avoid breaking things. There have been some initiatives, but like https://github.com/hapijs/travelogue they have all been abandoned, probably because it is not worth the effort.
The problems with PassportJS are:
1) Passport core (2 releases in the past 3 years) and most plugins now seem to be barely maintained
2) Low activity can sometimes mean that something is "stable", but judging from most of the issues, I suspect they simply remain completely unacknowledged 1)
3) It does not work well with other frameworks
4) It does not work well with websockets
5) Very likely even less so with HTTP2 or completely non-HTTP transport protocols (which Feathers can support).
And ultimately, it does not actually work very well for Feathers in particular, which tries to enforce a protocol-independent architecture. Currently we are basically converting
Feathers protocol independent format
-> Passport friendly (HTTP like) format
-> Passport strategy
-> Custom code in passport strategy
-> Strategy return value
-> Feathers format
What we really want is
Feathers protocol independent format
-> Custom verification code
-> Feathers format
All that something like passport-local does is compare a username and password (which you have to do in your own handler anyway), so let's just stick that into a hook instead?
The biggest challenge has always been oAuth, but it is fortunately a standard, so better alternatives may exist. In practice, Feathers itself does not need to worry much about oAuth beyond making it possible to turn an oAuth access token into a valid JWT. Everything else can (and probably should) be done by the framework you ended up using Feathers with.
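The shorter flow described above (protocol-independent data -> custom verification code -> Feathers format), sketched as an added example that is not part of the original thread and is not Feathers' own code. The hook name `verifyLocal`, the `context.data` / `context.params` shape and the in-memory `users` map are assumptions made for illustration.

```javascript
const crypto = require('crypto');

// Hash a password with scrypt and a random per-user salt: "saltHex:keyHex".
function hashPassword(password, salt = crypto.randomBytes(16)) {
  const key = crypto.scryptSync(password, salt, 32);
  return `${salt.toString('hex')}:${key.toString('hex')}`;
}

// Recompute the hash from the stored salt and compare in constant time.
function checkPassword(password, stored) {
  const [saltHex, keyHex] = stored.split(':');
  const expected = Buffer.from(keyHex, 'hex');
  const actual = crypto.scryptSync(password, Buffer.from(saltHex, 'hex'), expected.length);
  return crypto.timingSafeEqual(actual, expected);
}

// Constructed sample data standing in for a users service.
const users = new Map([
  ['alice', { id: 1, username: 'alice', password: hashPassword('correct horse') }]
]);
// Dummy hash so an unknown username costs the same work as a known one.
const DUMMY_HASH = hashPassword('not a real account');

// Hypothetical hook: it reads only context.data, never req/res, so the same
// code serves REST, websockets or any other transport.
function verifyLocal(context) {
  const { username, password } = context.data || {};
  if (typeof username !== 'string' || typeof password !== 'string') {
    throw new Error('Invalid login');
  }
  const user = users.get(username);
  const ok = checkPassword(password, user ? user.password : DUMMY_HASH);
  // One error for "no such user" and "wrong password": no account enumeration.
  if (!user || !ok) throw new Error('Invalid login');
  // Never pass the stored hash on to later hooks or to the client.
  const { password: _hash, ...safeUser } = user;
  context.params = { ...(context.params || {}), user: safeUser };
  return context;
}
```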
The points seem valid. @daffl What do you think about maintaining compatibility with the current password-based authentication modules exclusively for the Express (and possibly Koa) engine within this architecture?
If the framework loses compatibility with Passport and a developer needs it for its strategies, implementing raw Passport to integrate with the framework the way it works now is not an easy task. The current feathers-auth-* packages contain a lot of tested, useful boilerplate code for error handling and so on.
The big issue for me (and I don't think I am alone) is that Feathers feels like Express on steroids: ultimately a framework with a new look, a number of important features, and the ability to use the existing Express ecosystem, including Passport. I think this is a very powerful aspect of Feathers, and it would be a shame if moving a project to the next major framework release took a great deal of effort and meant dealing with reduced functionality.
The thinking is similar to making Feathers framework independent, which did not lose Express support either. To move this forward and really support other frameworks and protocols, unfortunately there isn't really a way to do the same kind of thing for authentication. The high-level API will stay almost the same, but the internals will change to become more flexible.
In any case, it seems to me that Passport strategies are not used much beyond those already supported (and abstracted) by Feathers plugins (in fact, I know of several that do not work, especially over WebSockets). For most APIs there are not that many authentication use cases.
This is one of the problems we currently have. Most open Feathers issues, and the many moving parts such as cookies, sessions, redirects and the authentication client, are due to Passport and oAuth, when in most cases all Feathers really needs is an access token. Better separation makes things clearer and easier to customize.
If PassportJS were more actively maintained, all of this probably would not cause so many problems. Supporting other frameworks seems to me like a very important feature for a general authentication layer, but every new framework seems to have ended up with its own more modular (and minimal) authentication mechanism.
Authentication seems to be the hardest part of Feathers for people.
I would like to echo this sentiment. One of the main reasons I (as a beginner) decided to try feathers is that it is one of the only API frameworks with a "decent authentication tutorial". I also think that adopting Feathers' own authentication implementation is probably the best way to go, and that it would make Feathers easier to work with for people like me.
When making changes to the authentication system, I strongly recommend switching to regular cookie sessions as the default, with JWT used only as a backward-support option.
JWT was not designed to be used for session-like authentication and has no meaningful advantages over regular cookie sessions, whereas cookie sessions have major advantages over JWT (including protection against session hijacking, to which JWT is vulnerable).
This talk does an excellent job of explaining why (and probably how JWT became popular):
This article is another good reference: http :
Feathers uses JWT for sessions and has already addressed most of the concerns raised in the article at https://github.com/feathersjs/authentication/issues/597#issuecomment-339846437. The majority of the open Feathers issues are not JWT problems but are actually problems around using cookies.
There are many reasons why we chose JWT. The most important is that Feathers is designed to support non-HTTP transport mechanisms. Anyone who has tried shoehorning a WebSocket connection into session cookies probably knows what I mean, and it is outright impossible with other transports (such as the planned MQTT) that work well with JWT. As I always point out, if you really need it, it is fairly easy to implement your own Express middleware based authentication mechanism for Feathers.
app.use(function(req, res, next) {
  // Set service call `params.user` from `session.user`
  req.feathers.user = req.session.user;
  // Pass control on; without this call the request never completes
  next();
});
Thanks for the link to the auth repository. Besides that, I was not able to quickly search here for session-related issues either.
As far as I know, I had not thought about WebSockets having problems with the use of cookies. For non-http requests, the same token that is used in the cookie can be supplied as a login token. This makes http-based requests more secure (and standard) by default, and it can be implemented just as easily for other services. It also makes it possible to revoke tokens, and makes that very easy to do (you can also clear all open sessions, for a password reset or "log out everywhere", for example).
Ideally, if you stick with JWT, there should be a documentation page that outlines the full reasoning behind the decision, including all the concerns raised about it and why they do not apply, or why the trade-off decision was made.
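The scheme suggested in the comment above (one opaque token that can arrive either in a cookie or as a login token, and that can be revoked individually or for all of a user's sessions), as an added example that is not part of the original thread. The `SessionStore` class, the `sid` cookie name and the `payload.token` field are assumptions made for illustration.

```javascript
const crypto = require('crypto');

class SessionStore {
  constructor(ttlMs = 60 * 60 * 1000) {
    this.ttlMs = ttlMs;
    this.sessions = new Map(); // sha256(token) -> { userId, expires }
  }
  static digest(token) {
    return crypto.createHash('sha256').update(String(token)).digest('hex');
  }
  // Issue a random token; only its hash is kept server side.
  issue(userId, now = Date.now()) {
    const token = crypto.randomBytes(32).toString('hex');
    this.sessions.set(SessionStore.digest(token), { userId, expires: now + this.ttlMs });
    return token;
  }
  // Resolve a token to a user id, or null if unknown, revoked or expired.
  resolve(token, now = Date.now()) {
    if (typeof token !== 'string') return null;
    const key = SessionStore.digest(token);
    const session = this.sessions.get(key);
    if (!session) return null;
    if (session.expires <= now) { this.sessions.delete(key); return null; }
    return session.userId;
  }
  // Revoke one session (ordinary logout).
  revoke(token) {
    return this.sessions.delete(SessionStore.digest(token));
  }
  // Revoke every session of a user (password reset, "log out everywhere").
  revokeAll(userId) {
    let removed = 0;
    for (const [key, session] of this.sessions) {
      if (session.userId === userId) { this.sessions.delete(key); removed++; }
    }
    return removed;
  }
}

// The same token is read from a login payload (websocket or other transport)
// or from the Cookie header of an HTTP request.
function tokenFrom({ cookieHeader, payload } = {}) {
  if (payload && typeof payload.token === 'string') return payload.token;
  const match = /(?:^|;\s*)sid=([^;]+)/.exec(cookieHeader || '');
  return match ? decodeURIComponent(match[1]) : null;
}
```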
Feathers v4 authentication is now completely framework independent and no longer depends on PassportJS. It also allows the use of custom access tokens if you are not a fan of JWT, and uses Grant for oAuth (which makes things much easier). See the migration guide for details on how to upgrade.