Redirect Authentication Reference Application
The redirect-authentication-reference-app is an example Node.js application that provides authentication using a redirection mechanism. The reference demonstration app is created for use cases where both authentication logic and the UI are present on the server-side rather than the client-side.
The redirection strategy provides the following features:
- Authentication logic is abstracted from the client application.
- A custom authentication UI is provided.
The following figure illustrates the redirection architecture.
The redirect-authentication-reference-app consists of two layers:
- The Authentication Logic Layer
- The UI Layer (Views)
The authentication layer is responsible for validating the identity of a user. Currently, the reference implementation uses Firebase authorization libraries for authentication logic; however, any third-party authentication library may be used by simply replacing the Firebase library.
The UI layer is responsible for providing a UI for authentication. The default UI provided by Firebase is used for the reference implementation, but it could be easily swapped for any custom authorization UI.
When a request is made to the login endpoint of the server, the server redirects the user to the custom authorization UI screen. The user then enters the authorization credentials and clicks Submit. If the credentials provided by the user are correct, the user is logged in and the user details are sent to the client using a WebSocket.
For this reference application, WebSockets are used to communicate between the client and the server upon successful login. However, callbacks or any other mechanism could also be used.
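The flow described above, sketched as an added example that is not code from the reference app: the login endpoint redirects to the server-side UI, a pluggable verifier plays the authentication logic layer, and user details go only to the channel that started the login. The names `createAuthServer`, `/auth-ui` and the `login` parameter, the single-use login id with an expiry, the synchronous verifier and the `send` callback standing in for the WebSocket are all assumptions.

```javascript
// Added example. createAuthServer, /auth-ui and the login parameter are
// hypothetical names, not taken from the reference app.
// Web Crypto global on current Node; node:crypto fallback for older CommonJS.
const cryptoApi = globalThis.crypto ?? require('node:crypto');

function createAuthServer(verifyCredentials, ttlMs = 5 * 60 * 1000) {
  const pending = new Map(); // loginId -> { send, expires }
  return {
    // Login endpoint: remember the caller's channel, redirect to the server-side UI.
    login(send, now = Date.now()) {
      const loginId = cryptoApi.randomUUID(); // unguessable, one per attempt
      pending.set(loginId, { send, expires: now + ttlMs });
      return { status: 302, location: `/auth-ui?login=${loginId}` };
    },
    // Called when the user clicks Submit in the authentication UI.
    submit(loginId, credentials, now = Date.now()) {
      const entry = pending.get(loginId);
      if (!entry || entry.expires < now) {
        pending.delete(loginId);
        return { status: 400 }; // unknown, expired or already used
      }
      const user = verifyCredentials(credentials); // authentication logic layer
      if (!user) return { status: 401 }; // wrong credentials: nothing is sent
      pending.delete(loginId); // single use
      entry.send(JSON.stringify({ type: 'login', user }));
      return { status: 200 };
    },
  };
}

// Constructed demo: the verifier stands in for the Firebase (or other) library.
function runDemo() {
  const alice = { email: 'alice@example.test', password: 'constructed-pw' };
  const verify = (c) =>
    c.email === alice.email && c.password === alice.password
      ? { uid: 'u-1', email: c.email } : null;
  const received = []; // what the client's channel gets
  const server = createAuthServer(verify);
  const redirect = server.login((msg) => received.push(JSON.parse(msg)));
  const id = new URL(redirect.location, 'http://localhost').searchParams.get('login');
  const bad = server.submit(id, { ...alice, password: 'wrong' });
  const good = server.submit(id, alice);
  const replay = server.submit(id, alice); // id was consumed above
  return { redirect, bad, good, replay, received };
}
console.log(JSON.stringify(runDemo(), null, 2));
```

Swapping the authentication library means replacing only the function passed to `createAuthServer`; a real verifier would normally be asynchronous.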
Note that both the Digital Commerce Web Components and the Digital Commerce Lightning Web Components have components that could be used in conjunction with this reference implementation.
VlocityDCFirebaseRedirectStrategy (for Web Components) and DCCustomAuthentication (for Lightning Web Components) are the custom components created as a reference implementation. They could be used to interact with the server hosting the redirect-authentication-reference-app.