Authentication is an extensive topic, and you have not indicated much that you want to achieve, but let me direct you to create Facebook authentication for you, the Dart application, because I think this is the easiest way to get started. What for? Because we donβt need to talk about every possible database that you could use, or about how you set up the database structure, models, etc., and how you deal with security (generate tokens, etc. )
With this knowledge, you can implement other service authentication (Google+, Twitter) and, ultimately, your own if you want.
So, first register the application on the Facebook apps page by clicking Create a new application. You should get this page:
(Be sure to fill in both domain and site domains)
Then specify some configuration file (e.g. config.dart ) that you will import wherever you need:
var config = { 'authentication': { 'facebook': { 'appId': '...', 'appSecret': '...', 'url': 'http://test.com/login/facebook' } }, };
Then you need to create the link somewhere. If you use the web interface, your Dart script can first import the configuration and create a login URL:
import 'config.dart'; main() { var fbConfig = config['authentication']['facebook']; var appId = fbConfig['appId']; var url = fbConfig['url']; var loginLinkUrl = 'https://www.facebook.com/dialog/oauth/?client_id=$appId&redirect_uri=$url&state=TEST_TOKEN&scope=email'; }
Now on your HTML you are giving the link:
<a href="{{ loginLinkUrl }}">Login with Facebook</a>
For now, perhaps read the Facebook developer guides: https://developers.facebook.com/docs/reference/dialogs/oauth/
In the Facebook login dialog box, the user specified in config ( /login/facebook ) will be indicated, then our application should respond to it. I let you handle the routing as you want, but essentially the server, when it receives the /login/facebook request, first encodes some properties:
var code = uri.encodeUriComponent(request.queryParameters['code']); var appId = uri.encodeUriComponent(config['authentication']['facebook']['appId']); var appSecret = uri.encodeUriComponent(config['authentication']['facebook']['appSecret']); var url = uri.encodeUriComponent(config['authentication']['facebook']['url']);
First you need import 'dart:uri' as uri .
After that, some code that requests the API for Facebook:
http.read('https://graph.facebook.com/oauth/access_token?client_id=$appId&redirect_uri=$url&client_secret=$appSecret&code=$code').then((contents) { // "contents" looks like: access_token=USER_ACCESS_TOKEN&expires=NUMBER_OF_SECONDS_UNTIL_TOKEN_EXPIRES var parameters = QueryString.parse('?$contents'); var accessToken = parameters['access_token']; // Try to gather user info. http.read('https://graph.facebook.com/me?access_token=$accessToken').then((contents) { var user = JSON.parse(contents); print(user); // Logged in as this user. }); });
I use HTTP here and QueryString .
After API requests, you get user information. Now you can do things like keep an authenticated user in a session. You can use for example. HttpRequest.session for this purpose. To log out, simply delete the data from the session.
This is roughly what you need to do to activate Facebook authentication to work. You can expect similar workflows for many other websites. You may also need / use the OAuth2 package.
So, we summarize:
- Create a Facebook developer profile and application with the appropriate URLs.
- Record the application identifier, etc. in some configuration.
- Create the correct login link.
- Enter the code on the server side where Facebook users find users.
- Write some API calls on the server to get an authenticated user.
Good luck