简体繁体 English

角度4/5中身份验证和令牌的最佳实践

[英]best practice for authentication and token in angular 4/5

原文 2018-02-12 17:51:27 2 2 angular/ amazon-web-services/ authentication/ jwt/ amazon-cognito

I'm working on Angular app and now I need to implement authentication. 我正在开发Angular应用，现在我需要实现身份验证。 My app is hosted on AWS S3 bucket, I use a postgreSQL on AWS RDS and to read data from the database I use php functions hosted on AWS EC2. 我的应用程序托管在AWS S3存储桶上，我在AWS RDS上使用postgreSQL，并使用AWS EC2上托管的php函数从数据库中读取数据。

At the moment I'm struggling with what authentication method I implement and I'm looking for a simple but efficient tutorial with my architecture. 目前，我正在为实现哪种身份验证方法而苦苦挣扎，并且正在寻找一个简单但有效的体系结构教程。

I need token to verify the origin of the calls. 我需要令牌来验证呼叫的来源。

Which authentication method is best for my use and integrates better? 哪种身份验证方法最适合我的使用并且集成得更好？

I've read about these possibilities: jwt, amazon cognito and auth0 but I'm not able to decide because I'm pretty new to angular. 我已经了解了以下可能性：jwt，amazon cognito和auth0，但由于我对angular还是很陌生，所以我无法决定。 Along with the answer, can you link me to the best tutorial? 除了答案，您还可以将我链接到最佳教程吗？ thank you 谢谢

2 个解决方案

Just like you I have tried various authentication methods And finally ended up with Auth0. 就像您一样，我尝试了各种身份验证方法，最后以Auth0结尾。 Auth0 Provides the easy way of integrating the authentication and its free as well. Auth0提供了集成身份验证及其免费身份的简便方法。

https://manage.auth0.com/#/ https://manage.auth0.com/#/

just signup for the acccount 只需注册帐户
Create client 建立客户
Follow the Angular 2+ instructions 遵循Angular 2+说明

For your convenience, I have implemented the Auth0 in Angular5 project. 为了您的方便，我在Angular5项目中实现了Auth0。 https://github.com/ragavanrajan/expenseTracker https://github.com/ragavanrajan/expenseTracker

please follow the readme ( especially first steps) before you serve it. 服务前，请先阅读自述文件（尤其是第一步）。

If you do not go into the complexities of multifactor authentication or authentication with Google or Facebook credentials, the simplest authentication mechanism is based on the idea put forward in the "Resource Owner Password Credentials Grant" of the OAuth 2.0 specification. 如果您不了解使用Google或Facebook凭据进行多因素身份验证或身份验证的复杂性，则最简单的身份验证机制是基于OAuth 2.0规范“资源所有者密码凭据授予”中提出的想法。

At a high level, how it works has been outlined here in this StackOverflow answer: https://stackoverflow.com/a/41650550/1235935 总体而言，此StackOverflow答案中概述了它的工作方式： https ://stackoverflow.com/a/41650550/1235935

From the Angular perspective, the handling of the API calls would look like the code shared in the following StackOverflow answer: 从Angular的角度来看，API调用的处理类似于以下StackOverflow答案中共享的代码：

https://stackoverflow.com/a/47969120/1235935 https://stackoverflow.com/a/47969120/1235935

Depending on the technology and platform you use in the back-end, the code may need some change. 根据您在后端使用的技术和平台，代码可能需要进行一些更改。 However, more or less the idea will remain the same. 但是，或多或少的想法将保持不变。