Skip to content

benjifs/serverless-indieauth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
netlify
netlify
 
 
public
public
 
 
.env.example
.env.example
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
netlify.toml
netlify.toml
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 

Repository files navigation

serverless-indieauth (barnacle)

This project uses @benjifs/indieauth to setup a serverless IndieAuth endpoint.

Deploy to Netlify

Clicking the "Deploy to Netlify" button will fork this repository and create a new Netlify site which will setup an authorization and token endpoint.

Setup

When setting this project up on Netlify, you should be asked to configure the following environment variables:

SECRET

A random generated string which will be used to create the access token. You can generate it with:

PASSWORD_SECRET

Your password hashed with bcrypt. To do so you can either:

  • htpasswd -bnBC 10 "" toomanysecrets | cut -d : -f 2 where "toomanysecrets" is the password
  • Use this website to create the hash

Routes

Optionally, you can customize the routes if you would like them to be different than the default. You can do this by renaming the filenames in /netlify/functions or add a path value to the function's config like in metadata.js. For more info you can also read Netlify's Route requests documentation.

If you modify the routes, you will also have to make sure the values that you've changed them to match the values shown in metadata.js. For example, if you rename auth.js to authorization.js, you will need to change Line 5 in metadata.js from:

authorization_endpoint: `${process.env.URL}/auth`

to

authorization_endpoint: `${process.env.URL}/authorization`

Usage

After your IndieAuth server is built and deployed, you will need to add the following to the <head> of your site:

<link rel="indieauth-metadata" href="https://auth.example.com/.well-known/oauth-authorization-server">
<link rel="authorization_endpoint" href="https://auth.example.com/auth">
<link rel="token_endpoint" href="https://auth.example.com/token">

Where auth.example.com is the domain where your site gets deployed to, whether a Netlify subdomain (default) or custom domain if you are using one.

By default, this project sets up the following endpoints at the following routes:

GET /.well-known/oauth-authorization-server

Show IndieAuth Server Metadata.

GET /auth

Show login form to Authenticate.

POST /auth

Exchange code for Profile Information.

GET /token (legacy)

Check if token is valid.

POST /token

Exchange code for Access Token.

POST /introspect

Check if token is valid. Updated from GET /token on Feb 2022.

GET /userinfo

Get User Information.

References

About

barnacle

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages