Root authentication ReactJS component, having only router switches for showing different content depending on the current route.
Component with 2 functions:
Component with the registration form. Validates the entered email, checks that the password and confirmation are the same, and sends the request to the registrations API endpoint.
Component with the login form. Validates entered data (email, password), sends data to the login API endpoint.
A text page thanking the user for registering and asking them to complete the registration by clicking the link in the email that was sent. It also has a link to resend the confirmation email if it was not received.
This page is loaded when a user tries to confirm his/her email. It sends the user id (taken from URL) to the confirmation endpoint and after confirmation redirects to the login page.
The confirmation message is sent using the Flask-Mail extension. To make it work, it's necessary to provide the following configuration settings:
The values of these keys depend on the concrete email provider used for sending messages.
ADMIN_EMAIL is used to assign a specific role to the user during the registration. If a user's email is the same as ADMIN_EMAIL, the "Admin" role will be assigned, else "User".
The confirmation email is based on the following config settings:
The subject has the following format:
<Company name>: Confirm your registration
During the registration process, the backend generates a special sequence of symbols representing the user's token. During the verification process, this sequence is decoded back, and if the extracted user id is the same as the current user's, the user is considered confirmed.
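The generate-then-decode flow described above, as an added example that is not this project's code: it uses only the Python standard library (HMAC-SHA256) in place of whatever token library the component uses. `SECRET`, `MAX_AGE`, `make_token` and `confirm` are hypothetical names, and the expiry check is an assumption the page does not state.

```python
import base64
import hashlib
import hmac
import time

# Assumption: stand-in for the application's configured signing secret.
SECRET = b"constructed-demo-secret"
MAX_AGE = 24 * 3600  # assumed token lifetime, in seconds


def _sign(payload):
    return hmac.new(SECRET, payload, hashlib.sha256).digest()


def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_token(user_id, now=None):
    """Encode the user id and issue time, then append an HMAC over both."""
    issued = int(time.time() if now is None else now)
    payload = f"{user_id}:{issued}".encode()
    return f"{_b64(payload)}.{_b64(_sign(payload))}"


def confirm(token, current_user_id, now=None):
    """True only for an untampered, unexpired token issued to this user."""
    try:
        body, sig = token.split(".")
        payload = _unb64(body)
        # Check the signature (constant-time) before trusting any field.
        if not hmac.compare_digest(_unb64(sig), _sign(payload)):
            return False
        user_id, issued = (int(p) for p in payload.decode().split(":"))
    except ValueError:  # malformed token, bad base64, non-numeric fields
        return False
    age = (time.time() if now is None else now) - issued
    return user_id == current_user_id and 0 <= age <= MAX_AGE
```

A token whose body is swapped for another user's id fails the signature check, so the user id in the confirmation URL cannot be edited to confirm someone else's account.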
The config key you need to provide:
The current version of this component uses JWT (JSON Web Tokens) technology, implemented in a separate component.
Currently, only Google sign-in is supported.
To enable it, you have to add the following variable to your .env variables list:
SOCIAL_LOGINS = 'google'
You also have to create a Google application. It can be done automatically right from here: https://developers.google.com/identity/sign-in/web/sign-in
Click the Configure a project button.
Or you can do it manually in the console: https://console.developers.google.com
Click on the generated OAuth client and add http://localhost:5001 (or whatever you use for testing) in the Authorized JavaScript Origins section, and add the same to Authorised redirect URIs.
Select another OAuth ID, called Webclient, and add the URL to it too.
After you're done, open your Google apps console and download or copy your credentials. Click the application under "OAuth 2.0 Client IDs" and then copy your Google Client ID to your variable:
GOOGLE_CLIENT_ID = 'xxxxx-xxxxxxxxxx.apps.googleusercontent.com'
/api/auth/register - creates a user, generates the confirmation token, sends the confirmation email
/api/auth/login - gets a user entity based on the entered email, and verifies that the provided password corresponds to the user's password hash. In case of successful verification, a JWT token is created and sent back with the response.
/api/auth/logout - calls the JWT component's logout function
/api/auth/token/refresh - calls the JWT component to generate a fresh access token
/api/auth/resendconfirm/
/api/auth/confirm/