Vendure Social Auth

A community plugin for Vendure E-Commerce that allows authentication with your Vendure server via client-side tokens, issued from Google or Facebook.

Table of Contents

• Prerequisites
• Installation
• Configuration
• GraphQL Extensions
• Entities
• Admin UI Extensions
• Error Handling
• License

Prerequisites

Vendure Social Auth uses authentication tokens, issued on the client using the Google Sign-In SDK or the Facebook Javascript SDK. On the frontend, you have to guide the user through your application's authentication process, get their consent, and retrieve an access token before you can pass it to the plugin.

Installation

1. If you haven't already, create your server as described in Vendure's official docs

2. Install the package using npm or yarn package manager:

npm install @glarus-labs/vendure-social-auth

yarn add @glarus-labs/vendure-social-auth

3. In your vendure-config.ts file, initialize the SocialAuthPlugin plugin inside the VendureConfig object's plugin array:

import { SocialAuthPlugin } from '@glarus-labs/vendure-social-auth';

export const config: VendureConfig = {
    plugins: [
       SocialAuthPlugin.init({
            google: {
                strategyName: 'google',
                clientId: 'xxxx'
            },
            facebook: {
                strategyName: 'facebook',
                apiVersion: 'v6.0',
                appId: 'xxxx',
                appSecret: 'xxxx',
            }
        }) 
    ]
}

Configuration

The plugin's init function is configured using the SocialAuthPluginOptions interface:

export interface SocialAuthPluginOptions {
    google: {
        /** The Google strategy name your resolver will expect.
         *  Optional. Default value: 'google'
         */
        strategyName?: string; 
        /** The client id issued by your Google application. */
        clientId: string;
    },
    facebook: {
        /** The Facebook strategy name your resolver will expect.
         *  Optional. Default value: 'facebook'
         */
        strategyName?: string;
        /** The Facebook GraphAPI version the plugin will use.
         *  Format: 'vX.X'
         *  Optional. Default value: 'v6.0'
         */
        apiVersion?: string;
        /** The app id issued by your Facebook application. */
        appId: string;
        /** The app secret issued by your Facebook application. */
        appSecret: string;
    }
}

GraphQL Extensions

The current version of Vendure Social Auth extends the existing schema with a new mutation:

loginExternal

loginExternal(strategy: String!, token: String!): LoginResult!

The resolver for this mutation verifies the received token's validity with Google and Facebook's servers, and checks the database for a User with an identifier, matching the token. A new User - Customer pair is created, if a match is not found. An authenticated Session is created for the user.

Parameters:

• strategy - String! - Depending on the type of social login (Google or Facebook), pass one of the strategy name you defined in the plugin Configuration.
• token - String! - The token you received after completing the Prerequisites

Return type: LoginResult!

Entities

The current version of Vendure Social Auth does not include new entities or updates to existing ones.

Admin UI Extensions

The current version of Vendure Social Auth does not include Admin UI extensions.

Error Handling

// TODO

License

Vendure Social Auth is licensed under the MIT license.
Copyright © 2020, FlushBG