shaninalex / chatapp Goto Github PK
View Code? Open in Web Editor NEWThis app created for educational purposes
This app created for educational purposes
identity - for root store module
chat - for dashboard module
Warning text:
The following actions uses node12 which is deprecated and will be forced to run on node16: actions/checkout@v2. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/
There are not optimal code in profile service especialy in opbtaining token handler
Also config websoket for ejabberd server
Currently we create user token on register. But this token live only 1 hour. Need to create solution for refreshing user token
Also need to figure out auth token scope required for comunication. It should be able to cominicate with users, get lists of users, create group ("rooms") chat, send "buddy" request etc. But, should not be able to edit or delete existed users, create new user, issue token for another user except current etc. Bascialy all that can do admin should be disabled for regular user
New users should default connected to "lobby", show all users in this public group chat, subscribe to new notifications from lobby
Some times it's logout, do not catch messages...
To securely authenticate users in your Angular application with ejabberd without exposing their ejabberd credentials (username/password), you can follow a token-based authentication approach. The idea is to create a secure authentication flow where the Angular application receives an authentication token from your server after the user has been authenticated with ejabberd. This token can then be used to authenticate subsequent requests to the ejabberd server.
Here's a high-level overview of the process:
User Registration:
When a user registers in your application, your backend server should also register a corresponding user in the ejabberd server. This involves creating an XMPP account for the user.
Token Generation:
After a successful user registration, generate a secure authentication token on your backend server. This token will serve as the user's credential for authenticating with the ejabberd server.
Token Storage on the Frontend:
Send the generated token to the Angular frontend securely. You can use HTTPS to encrypt the communication between the server and the client.
Token Usage for XMPP Authentication:
When the Angular application needs to connect to the ejabberd server on behalf of the user, it includes the authentication token in the XMPP authentication request. The ejabberd server is configured to accept this token as a valid credential.
Secure Communication:
Ensure that all communication between the Angular application and the ejabberd server is done over a secure WebSocket connection (wss://) or HTTPS, depending on your setup.
Token Expiry and Refresh (Optional):
Implement token expiry and refresh mechanisms if needed. Tokens can have a limited lifespan, and the Angular application may need to refresh the token when it expires.
Here's a basic example of how you might structure the authentication flow in Angular:
// Angular Service for XMPP Authentication
import { Injectable } from '@angular/core';
import { HttpClient } from '@angular/common/http';
@Injectable({
providedIn: 'root',
})
export class XmppAuthService {
private ejabberdToken: string;
constructor(private http: HttpClient) {}
// Step 1: User Registration (Assuming this is done on your backend)
registerUser(username: string, password: string) {
// Your backend API endpoint to register the user in ejabberd
return this.http.post('/api/register', { username, password });
}
// Step 2: Token Generation (Assuming this is done on your backend)
generateToken(username: string, password: string) {
// Your backend API endpoint to generate the authentication token
return this.http.post('/api/generate-token', { username, password });
}
// Step 4: Token Usage for XMPP Authentication
connectToXMPP(username: string, token: string) {
// Use Strophe.js or any other XMPP library to connect to ejabberd
// Include the token in the XMPP authentication request
}
// Other methods for token management (refresh, expiry check, etc.) could be added here
}
Please note that this is a simplified example, and you'll need to implement the backend logic for user registration, token generation, and securely delivering the token to the frontend. Additionally, ensure that your ejabberd server is configured to accept tokens as a valid authentication method. Always follow best practices for securing tokens, and consider using technologies like HTTPS and JWT (JSON Web Tokens) for enhanced security.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.