在當今的數位行業中,任何成功的應用程式都必須優先考慮安全性和用戶體驗。使用者身份驗證是應用程式安全的關鍵方面之一,但它對開發人員來說也可能是一個重大挑戰,因為它需要理解並正確實現複雜的協定。建立內部身份驗證系統可能需要三到六個月。作為開發人員,我們不斷尋找使身份驗證整合更容易的解決方案,同時確保用戶資料的最大保護。值得慶幸的是,SDK 庫可以讓這項任務變得更加容易。本文探討了 Authgear 提供哪些 SDK 和 API 以及它們如何為開發人員簡化身份驗證整合。
什麼是 Authgear?
Auhgear is a highly adaptable identity-as-a-service (IDaaS) platform for web and mobile applications. As Auhgear is constructed on the OpenID Connect (OIDC) standard, it supports a wide range of identity providers, including Google, Apple, and Azure Active Directory (AD). Authgear enables developers to integrate multiple authentication methods, such as social logins, passwordless, biometrics logins, one-time-password (OTP) with SMS/WhatsApp, and multi-factor authentication (MFA). Authgear takes care of the heavy lifting in terms of user authentication, making it easier and faster to implement by integrating it into various types of applications - from single-page web apps to mobile applications to API services. You can also change how the end-users see your signup and login pages with a user-friendly drag-drop low-code dashboard. Most importantly, you can get started with Authgear for free until you have a lot of active users and you want to customize pages under your brand.
Authgear SDK 函式庫
Authgear SDK 可以輕鬆整合到您的應用程式中,無論是單頁應用程式(Angular、Vue、React)、行動應用程式(IOS、Android、React Native、Flutter),還是常規 Web 應用程式。在大多數情況下,它只涉及幾行程式碼。還有全面的文檔和社群支援可以引導您完成整合過程。 Authgear 提供適用於各種平台和語言的 SDK。下面,我們按應用程式類型細分著名的庫和 SDK,並選擇您的應用程式類型作為入門指南。
單頁應用程式 (SPA) SDK 庫
您需要保護完全在瀏覽器中運行的 JavaScript SPA 應用程式:
| SDK | Description | Getting started |
|---|---|---|
| Angular | Add authentication to your Angular application | https://docs.authgear.com/tutorials/spa/angular |
| Flutter | Integrating Authgear with a Flutter app | https://docs.authgear.com/get-started/flutter |
| JavaScript | Integrate Authgear to your website with the Web SDK | https://docs.authgear.com/get-started/website |
| React | Add user logins to your React apps | https://docs.authgear.com/tutorials/spa/react |
| Vue | Add authentication to your Vue application | https://docs.authgear.com/tutorials/spa/vue |
本機和行動應用程式 SDK 庫
如果您正在開發行動或桌面應用程序,請從這些 SDK 中選擇一個適合您平台的 SDK 來開始使用。
| SDK | Description |
|---|---|
| Android | Integrating Authgear with an Android app |
| Flutter | Integrating Authgear with a Flutter app |
| IOS | Integrating Authgear with an IOS app |
| React Native | Integrating Authgear with a React Native app |
| Xamarin | Integrating Authgear with a Xamarin app |
請注意,這些 SDK 會經常更新,可能會定期添加新的 SDK。
可用於單頁和行動應用程式的基於令牌的身份驗證方法:
後端服務和API認證
If your API or backend service needs authentication, you can validate the JWT token in your application server code. You can find step-by-step examples for Python, Go, and Node.js to verify and decode the JWT token from the Authorization header of an incoming HTTP request. For other programming languages, you can use Authgear Authentication APIs to configure OIDC authentication.
常規網路應用程式
If you have a traditional web application like Java EE, Express, PHP, GO, Laravel, orASP.NETCore MVC and you want to integrate authentication features, you can use a Cookie-based authentication method.
管理介面
If you need to programmatically perform Authgear administrative tasks like managing users or anything that can be done through the Authgear Portal’s dashboard can also be done through this API, you use Admin API REST or GraphqQL endpoints.
事件和掛鉤
Yet another cool feature of Authgear is Events and Hooks where you can easily customize the authentication pipeline. Hooks are secure, self-contained functions that allow you to customize the behavior of Auhgear. Authgear invokes hooks during runtime to execute your custom JavaScript code. For instance, you can add logic to assign roles to new users, trigger actions after login, block suspicious activity, and more.
Authgear 入門
Authgear 可讓您根據程式語言、您正在使用的框架或從上述部分中選擇的 SDK 新增身份驗證。以下是有關如何開始使用任何 SDK 的 常見 步驟。
Step 1. Create an Authgear account Signup for a free Authgear Portal account at https://portal.authgear.com/.
Or you can use your self-deployed (using Docker or Helm chart) Authgear.
步驟 2. 在入口網站中建立應用程式
若要使用 Authgear 服務,您需要在 Authgear 入口網站中設定應用程式。您可以在 Authgear 應用程式中設定您正在開發的專案的身份驗證工作方式。
- 登入後,導航至“應用程式”選項卡,然後按一下“新增應用程式”。
- 選擇適當的應用程式類型(例如,傳統 Web 應用程式、單頁應用程式或本機應用程式)並為您的應用程式提供名稱。
- 點擊“儲存”並保留客戶端 ID。透過 Authgear SDK 初始化連線時您將需要它。
Every application in Authgear is assigned an alphanumeric, unique client ID that your application code will use to call Authgear APIs through the SDK. Learn more about how to call your application server using SDKs.
步驟 3. 設定應用程式
- 建立應用程式後,您將被定向到「設定」選項卡,您可以在其中配置應用程式的設定。
- 使用應用程式中對應的 URL 填寫必填字段,例如「授權重定向 URI」和「登出後重定向 URI」。
- 儲存您的變更。
步驟 4. 選擇使用者的驗證方式
從「身份驗證」標籤中,您可以為您的使用者選擇登入方法。選項包括透過電子郵件、行動裝置或社交媒體、僅使用使用者名稱或您指定的自訂方法。
步驟5.安裝相關的Authgear SDK
您可以按照上表中相應 Authgear SDK 的入門指南中的說明進行操作,具體取決於您的平台。
概括
Authgear SDKs and APIs make auth integration significantly more straightforward for developers. By offloading much of the complexity associated with authentication, developers can focus on creating value-adding features for their applications. Authgear is a cloud-based solution that scales with your needs. Whether you have hundreds of users or millions, it can handle the load, providing reliable and fast authentication.
相關資源
- Authentication-as-a-Service: What Is It and Why You Need It
- Frictionless Authentication: What Is It & How To Implement It?