Home / JavaScript / Miscellaneous

A demo project using OAuth to secure some of your Eleventy Serverless routes.

eleventy-demo-serverless-oauth A demo project using OAuth to secure some of your Eleventy Serverless routes. Demo on Netlify Deploy your own to Netlif
Information
Category: JavaScript / Miscellaneous
Watchers: 1
Star: 7
Fork: 1
Last update: Nov 8, 2021
Resource links
https://demo-eleventy-serverless-oauth.netlify.app/
https://github.com/11ty/demo-eleventy-serverless-oauth

eleventy-demo-serverless-oauth

A demo project using OAuth to secure some of your Eleventy Serverless routes.

  1. Demo on Netlify
  2. Deploy your own to Netlify

Run locally

npm install
npm run dev

Navigate to http://localhost:8888

The full login flow is supported on localhost, assuming the Redirect URI set in your OAuth Application is configured correctly.

Configuration

You will need a:

  • static login form
  • a secure serverless template
  • an OAuth Application provider

Static login form

Does not have to be in a serverless template. Put it in a shared header on your site!

<form action="/.netlify/functions/auth-before">
  <input type="hidden" name="securePath" value="/YOUR_PATH_HERE/">
  <button type="submit" name="provider" value="netlify">Login with Netlify</button>
  <button type="submit" name="provider" value="github">Login with GitHub</button>
</form>

securePath should contain the URL to the secured serverless template (see next section).

Secure Serverless Template

Serverless templates can be secured with the following front matter (this example is YAML):

---
permalink:
  dynamic: "/YOUR_PATH_HERE/"
secure:
  unauthenticatedRedirect: "/"
---

You may need to familiarize yourself with Eleventy Serverless templates.

Relevant files:

  • .eleventy.js adds the bundler plugin for the dynamic permalink.
  • The OAuth specific serverless function code: netlify/functions/dynamic/index.js
  • The relevant entries in .gitignore

OAuth Application Providers

This example includes providers via Netlify and GitHub. You can use one or more of these providers. If you only want a subset of these providers, just remove the Login buttons that you don’t want and don’t worry about the relevant environment variables for that provider.

  1. Create one or more OAuth applications: Netlify OAuth, GitHub OAuth, GitLab
  2. Add the appropriate environment variables to your .env file:
    • NETLIFY_OAUTH_CLIENT_ID and NETLIFY_OAUTH_CLIENT_SECRET are required for Login with Netlify
    • GITHUB_OAUTH_CLIENT_ID and GITHUB_OAUTH_CLIENT_SECRET are required for Login with GitHub
    • GITLAB_OAUTH_CLIENT_ID and GITLAB_OAUTH_CLIENT_SECRET are required for Login with GitLab

Tip: I like to set up two OAuth applications, one for production and one for local development so that I don’t have to worry about juggling the different Redirect URIs in the provider’s web interface. e.g. this will need to be http://localhost:8888/.netlify/functions/auth-callback for local development.

0 Open More issues
Closed

Add `Login with LinkedIn` demo

null

opened Nov 15, 2021 by kamal250 8
Closed

GitLab example provider.

Only thing I ran into was that GitLab doesn't like empty scope so I added that to the config. Also shuffled the provider configs out to their own file, hope that's ok.

opened Nov 8, 2021 by jmhobbs 3
Closed

Add `Login with Slack` demo

null

opened Nov 11, 2021 by harunhasdal 2
Closed

Test PR to show how to run everything through Serverless mode

null

opened Nov 10, 2021 by zachleat 1
Open

Add repository license?

Could you please add a license file for this repository, if that aligns with your intended use for it? Thank you!

opened May 19, 2022 by lehrblogger 0
Open

Specifying the --port breaks auth

I noticed that npm run dev generates the following output:

[Browsersync] Access URLs:
 -------------------------------
    Local: http://localhost:8080
 External: http://false:8080
 -------------------------------
[Browsersync] Serving files from: _site

   ┌─────────────────────────────────────────────────┐
   │                                                 │
   │   ◈ Server now ready on http://localhost:8888   │
   │                                                 │
   └─────────────────────────────────────────────────┘

I thought it was odd that the two local URLs had different ports. I tried specifying other ports in package.json by adding --port=8081 to the build and start scripts, but then got 404 errors for /.netlify/functions/auth-before. It looks like 8888 is hard-coded here:

https://github.com/11ty/demo-eleventy-serverless-oauth/blob/f6e47e7eed742e9a6263a2f8bedae48b7b9c2a90/netlify/functions/util/auth.js#L6

Should the demo project be able to work with ports other than 8888? Or is this the mismatch a requirement for Netlify functions?

Thanks! Sorry for not attempting a PR, I'm still a bit new to Eleventy.

opened May 19, 2022 by lehrblogger 0
Open

Can this be reusable in a better way?

I’d love to see it on the API Services https://www.11ty.dev/docs/api-services/

But it might be better bundled with the Serverless plugin, because of the tight coupling here https://github.com/11ty/demo-eleventy-serverless-oauth/blob/main/netlify/functions/dynamic/index.js

enhancement 
opened Nov 18, 2021 by zachleat 0
Open

Could this work with OneGraph?

👀 https://www.netlify.com/blog/2021/11/17/first-look-announcing-api-authentication-on-netlify/

enhancement 
opened Nov 18, 2021 by zachleat 0
Open

Proposed provider: Okta

https://developer.okta.com/code/

enhancement 
opened Nov 18, 2021 by zachleat 0
Open

Proposed provider: Auth0

https://auth0.com/docs/api

enhancement 
opened Nov 18, 2021 by zachleat 0

Contents

    embarkstudios tame-oauth - A (very) simple oauth 2.0 library
    thephpleague A spec compliant, secure by default PHP OAuth 2.0 Server
    jpadilla OAuth support for Django REST Framework
    thephpleague OAuth 1 Client
    BenDMyers An Eleventy plugin for your Markdown syntax which puts you in control of your emphasis markup.
    chrisburnell Cache webmentions using eleventy-cache-assets and make them available to use in collections, templates, pages, etc.
    BenDMyers Zero clientside JavaScript color contrast checker, built with Eleventy Serverless for the 11ties
    hankchizljaw Hebra is a skeletal Eleventy starter kit that gives you nothing but good ol’ HTML and an RSS feed. It serves as the ideal kick-off point for your projects.
    hankchizljaw Hylia is a lightweight Eleventy starter kit to help you to create your own blog or personal website.
    garygreen Pretty routes for Laravel
    5t3ph Extremely minimal Eleventy starter to kickstart a simple multi-page site / a nearly opinionless foundation to continue building on.
    andy-piccalilli In this Eleventy course, we go from a completely empty directory to a full-blown marketing site for a design agency, and along the way, we dive really deep into Eleventy and front-end development best practices.
    11ty A simple way to browse the different runtime services provided by Eleventy
    larryhudson Use Word documents as Eleventy input
    11ty An Eleventy data plugin to source transistor.fm episodes.
    11ty Group and sort Eleventy’s verbose output by directory (and show file size with benchmarks)
    amatsuda A Rake task gem that helps you find the unused routes and controller actions for your Rails 3+ app
    litl A Python library for OAuth 1.0/a, 2.0, and Ofly.
    joestump A fully tested, abstract interface to creating OAuth clients and servers.
    oauthlib A generic, spec-compliant, thorough implementation of the OAuth request-signing logic
    maxzerbini OAuth 2.0 Authorization Server & Authorization Middleware for Gin-Gonic
    Share this repo

    Related Repos


    Miscellaneous
    5.5k
    Apache OpenWhisk is an open source serverless cloud platform
    apache OpenWhisk OpenWhisk is a serverless functions platform for building cloud applications. OpenWhisk offers a rich programming model for creating serverl
     
    Miscellaneous
    11
    Replaces twitter NFT idiocracy
    4ndv HexaGone HexaGone allows you to revert or customize twitter's new hexagonal avatars. It's a collection of a several userscripts, with different clip m
     
    Miscellaneous
    6
    replaces the nft avatars on twitter with subway jared
    virginteen replace-nft-avatars a chrome extension that replaces the nft avatars on twitter with subway jared to install Download this repo (Code > Download ZIP).
     
    Miscellaneous
    5
    Smart Contract Viewer for VS Code
    MetaplasiaTeam Contract Viewer English | 中文 Contract Viewer 是一个 VS Code 扩展,他可以帮你从区块链浏览器下载合约代码,只需要一个合约地址即可下载。 目前仅支持以太坊使用 Solidity 的智能合约,后续会支持更多类型。 快速开始 配置一个 API 在 Erh
     
    Miscellaneous
    5
    Video calling using WebRTC
    mehditeymorian webrtc-video-call This project is a video calling application using WebRTC technology. It contains minimum requirements to provide a group video call.
     
    Miscellaneous
    3
    A multipurpose bot, a clan bot, a all in one bot. The one bot u need for ur server origina...
    Tomato6966 Multipurpose-discord-bot A multipurpose bot, a clan bot, a all in one bot. The one bot u need for ur server originally made as Milrato discord Bot and
     
    Miscellaneous
    334
    A template for site builders and low-code tools.
    vercel Platforms Starter Kit The all-in-one starter kit for building platforms on Vercel. Introduction · Guide · Demo · Contributing Deploy Your Own Read the
     
    Miscellaneous
    152
    A Raycast/Alfred/Spotlight alternative
    ospfranco sol A Raycast/Alfred/Spotlight alternative Don't bother trying to run this, it's WIP, right now only the basic UI is there, no logic, there many bugs/
     
    Miscellaneous
    73
    Self hosted media tracker for movies, tv shows, video games, books and audiobooks
    bonukai MediaTracker · Self hosted platform for tracking movies, tv shows, video games, books and audiobooks, highly inspired by flox Demo https://mediatracke
     
    Miscellaneous
    52
    Everytime I come across good Github profiles I index them here
    championswimmer awesome-devs Everytime I come across good Github profiles I index them here NOTE: If you are on the github repo currently, go to the website 👇 to see
     
    Miscellaneous
    49
    Minimalist template for foundry projects
    ZeframLou Foundry template This is a template for a Foundry project. Installation To install with DappTools: dapp install [user]/[repo] To install with Foundry
     
    Miscellaneous
    45
    Log in the node terminal from the browser
    patak-dev vite-plugin-terminal Log in the node terminal from the browser Open a playground online in StackBlitz Install npm i -D vite-plugin-terminal Add plugin
     
    Miscellaneous
    43
    A simple web3 app for minting NFTs
    fireship-io Web3 - Full Tutorial The demo contains a basic web3 app and smart contract for minting NFTs. See it in action in the Web3 NFT Tutorial on YouTube. Fol
     
    Miscellaneous
    28
    A three.js component library for Svelte.
    grischaerbe A three.js component library for svelte. Index What is threlte? Getting started Concepts Interactivity Viewport Awareness Reactivity Conventions Refer
     
    Miscellaneous
    26
    Wordle Svelte Clone
    tayfunerbilen Wordle Svelte Clone Son zamanlarda popüler olan WORDLE uygulamasını svelte ile yapmaya çalıştım. Bu tarz acaba yapsam nasıl yapardım uygulamarı bana ç