loopback/lib/models
Ritchie Martori 2f9403016c Initial auth implementation 2013-11-22 12:26:59 -08:00
..
README.md Add more docs and apis to application model 2013-07-22 11:15:02 -07:00
access-token.js Initial auth implementation 2013-11-22 12:26:59 -08:00
acl.js Initial auth implementation 2013-11-22 12:26:59 -08:00
application.js Clean up the model 2013-10-23 13:25:50 -07:00
email.js Fix bundle model name casing 2013-11-11 13:35:54 -08:00
index.js Rename Session => AccessToken 2013-11-14 10:05:13 -08:00
model.js Add checkAccess for subject and token 2013-11-20 13:43:01 -08:00
oauth2.js Add oauth2 related models 2013-11-14 21:19:56 -08:00
role.js Add unauthenticated role 2013-11-20 13:43:02 -08:00
user.js Update AccessToken and User relationship 2013-11-14 19:41:29 -08:00

README.md

Application

Application model captures the metadata for a loopback application.

Each application has the following basic properties:

  • id: Automatically generated id
  • name: Name of the application (required)
  • description: Description of the application (optional)
  • icon: URL of the icon
  • status: Status of the application, such as production/sandbox/disabled
  • created: Timestamp of the record being created
  • modified: Timestamp of the record being modified

An application has the following properties linking to users:

  • owner: The user id of the developer who registers the application
  • collaborators: A array of users ids who have permissions to work on this app

oAuth 2.0 settings

  • url: The application url
  • callbackUrls: An array of preregistered callback urls for oAuth 2.0
  • permissions: An array of oAuth 2.0 scopes that can be requested by the application

Security keys

The following keys are automatically generated by the application creation process. They can be reset upon request.

  • clientKey: Secret for mobile clients
  • javaScriptKey: Secret for JavaScript clients
  • restApiKey: Secret for REST APIs
  • windowsKey: Secret for Windows applications
  • masterKey: Secret for REST APIS. It bypasses model level permissions

Push notification settings

The application can be configured to support multiple methods of push notifications.

  • pushSettings

    { pushSettings: [ { "platform": "apns", "apns": { "pushOptions": { "gateway": "gateway.sandbox.push.apple.com", "cert": "credentials/apns_cert_dev.pem", "key": "credentials/apns_key_dev.pem" },

              "feedbackOptions": {
                  "gateway": "feedback.sandbox.push.apple.com",
                  "cert": "credentials/apns_cert_dev.pem",
                  "key": "credentials/apns_key_dev.pem",
                  "batchFeedback": true,
                  "interval": 300
              }
          }}
    

    ]}

Authentication schemes

  • authenticationEnabled
  • anonymousAllowed
  • authenticationSchemes

Authentication scheme settings

  • scheme: Name of the authentication scheme, such as local, facebook, google, twitter, linkedin, github
  • credential: Scheme-specific credentials

APIs for Application model

In addition to the CRUD methods, the Application model also has the following apis:

Register a new application

You can register a new application by providing the owner user id, applicaiton name, and other properties in the options object.

Application.register('rfeng', 'MyApp1', {description: 'My first loopback application'}, function (err, result) {
    var app = result;
    ...
});

Reset keys

You can reset keys for a given application by id.

Application.resetKeys(appId, function (err, result) {
    var app = result;
    ...
});

Authenticate by appId and key

You can authenticate an application by id and one of the keys. If successful, it calls back with the key name in the result argument. Otherwise, the keyName is null.

Application.authenticate(appId, clientKey, function (err, keyName) {
        assert.equal(keyName, 'clientKey');
        ...
});

Installation

Installation captures the installation of the application on devices.

Each record of installation has the following properties:

  • id: Generated id that uniquely identifies the installation
  • appId: Application id
  • appVersion: Application version
  • userId: The current user id that logs into the application
  • deviceToken: Device token
  • deviceType: Device type, such as apns
  • subscriptions: An Array of tags that represents subscriptions of notifications
  • status: Status of the application, production/sandbox/disabled
  • created: Timestamp of the recored being created
  • modified: Timestamp of the recored being modified