Dick, Sajak is not an OAuth library, but instead a way to map HTTP to your models in a predictable way. If the user comes in unauthenticated, you can use something like authom[1] in your middleware stack to do the OAuth dance, and then subsequently use whatever scheme you please to authenticate them for your site. All Sajak does is instantiate a user based on the `authentication` method of the user model you provide.
Jed [1] https://github.com/jed/authom On Fri, Apr 20, 2012 at 11:15 AM, Dick Hardt <[email protected]> wrote: > The various OAuth and OAuth end points have different names for the > parameters, and some will accept the token in the header, others in the query > string. Some have a refresh token. Interested in how you are going to support > all the various snowflakes of OAuth / OAuth 2 :) > > On Apr 19, 2012, at 9:46 PM, Jed Schmidt wrote: > >> Chenye, >> >> Sajak is authentication agnostic. The only special case is basic auth, >> where it will parse the base64 credentials into a username and >> password. All other schemes pass the scheme name and token, so for >> oauth, your user authenticate method would look like this: >> >> User.prototype.authenticate = function(auth, cb) { >> // for oauth: >> // auth.scheme == "oauth" >> // auth.token == "<user-oauth-token>" >> } >> >> Jed >> >> On Fri, Apr 20, 2012 at 9:44 AM, 梁辰晔 <[email protected]> wrote: >>> Hi, only basic user/password authentication now, >>> are you plan to support openid, oauth and the others? >>> >>> 在 2012年4月19日 下午9:26,Jed Schmidt <[email protected]>写道: >>>> >>>> Hey all, good evening from Tokyo. >>>> >>>> I've been working on a REST API facelift recently for a client, and >>>> extracted out what I learned into a library. >>>> >>>> It's called Sajak: Simple Authenticated JSON API Kit. >>>> >>>> It's a zero-dependency (but Express/Connect compatible) module in ~270 >>>> LOC that turns a collection of model constructors into an http >>>> listener that handles HATEOAS-friendly resolution, routing, >>>> authentication, and authorization for you, like this: >>>> >>>> ``` >>>> var http = require("http") >>>> , sajak = require("sajak") >>>> , server = http.createServer() >>>> >>>> function User(){ ... } >>>> User.prototype = { >>>> authenticate: function(auth, cb){ ... }, >>>> save: function(cb){ ... }, >>>> fetch: function(cb){ ... } >>>> } >>>> >>>> function TodoItem(){ ... } >>>> TodoItem.prototype = { >>>> authorize: function(user, action, cb){ ... }, >>>> save: function(cb){ ... }, >>>> fetch: function(cb){ ... }, >>>> destroy: function(cb){ ... } >>>> } >>>> >>>> server.on("request", sajak([User, TodoItem]).router) >>>> server.listen(3000) >>>> ``` >>>> >>>> Sajak wires everything up so that you don't have to pepper your routes >>>> with redundant/tedious/error-prone >>>> authentication/authorization/resolution logic. It's useful as a >>>> JSON-only API framework, or as a drop-in replacement for your >>>> Express/Connect API router. >>>> >>>> Check it out on Github: >>>> >>>> https://github.com/jed/sajak >>>> >>>> Any and all feedback appreciated: >>>> >>>> http://news.ycombinator.com/item?id=3862841 >>>> >>>> Jed Schmidt >>>> http://jed.is >>>> >>>> -- >>>> Job Board: http://jobs.nodejs.org/ >>>> Posting guidelines: >>>> https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines >>>> You received this message because you are subscribed to the Google >>>> Groups "nodejs" group. >>>> To post to this group, send email to [email protected] >>>> To unsubscribe from this group, send email to >>>> [email protected] >>>> For more options, visit this group at >>>> http://groups.google.com/group/nodejs?hl=en?hl=en >>> >>> >>> -- >>> Job Board: http://jobs.nodejs.org/ >>> Posting guidelines: >>> https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines >>> You received this message because you are subscribed to the Google >>> Groups "nodejs" group. >>> To post to this group, send email to [email protected] >>> To unsubscribe from this group, send email to >>> [email protected] >>> For more options, visit this group at >>> http://groups.google.com/group/nodejs?hl=en?hl=en >> >> -- >> Job Board: http://jobs.nodejs.org/ >> Posting guidelines: >> https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines >> You received this message because you are subscribed to the Google >> Groups "nodejs" group. >> To post to this group, send email to [email protected] >> To unsubscribe from this group, send email to >> [email protected] >> For more options, visit this group at >> http://groups.google.com/group/nodejs?hl=en?hl=en > > -- > Job Board: http://jobs.nodejs.org/ > Posting guidelines: > https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines > You received this message because you are subscribed to the Google > Groups "nodejs" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group at > http://groups.google.com/group/nodejs?hl=en?hl=en -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en
