Can AdonisJS be a social auth provider?

[andrewwippler]

I am trying to build personal applications to supercharge my day-to-day living and I need help with managing all the passwords.

Rather than create unique accounts for each of my applications, I would like to have a centralized social auth server where each of my applications authenticate against using the Ally driver. I know that I can use something like FreeIPA, but that seems a bit heavy for my use case. I just want a boolean value that something or someone can access my created projects.

So far, I have created [https://github.com/andrewwippler/home-auth-server](a basic AdonisJS application), which returns an API token. On my application frontends, I login to this backend and use a separate API server, which handles the logic of the application. I want to fix the security hole by ensuring the auth server and application API talk to each other and prevent guests from accessing the API without logging in first.

My assumption is that I want AdonisJS to be the Social Auth provider and other applications act as clients.

Does anyone have code references or documentation that would help me build out this solution or point me in the right location?

[RomainLanz]

Hey @andrewwippler! 👋🏻

We don't have any first-party modules to make Adonis compliant with OAuth2 / OpenID Connect, but nothing stops you from building one that fits your need!

You can also simplify the process if you are handling all applications and don't require any third-party to use your authentication server.