# @sapphirecode/auth-server-helper

version: 1.1.x

authentication middleware for express

## Installation

npm:

> npm i --save @sapphirecode/auth-server-helper

yarn:

> yarn add @sapphirecode/auth-server-helper

## Usage

```js
const auth = require('@sapphirecode/auth-server-helper');
const password_helper = require('@sapphirecode/password_helper');

const users = {
  foo: {
    id: 0
    password: await password_helper.hash('bar'),
    salt: '123'
  }
}

// add cookieParser to allow session management via cookies
app.use(cookieParser());

// the middleware needs a function to determine user data
// this function can also return a promise
app.use(auth((user_name) => {
  if (!users[user_name])
    return null;
  return users[user_name];
}));

```

when a client logs in, it will set a header called 'session' that the client can
use to authorize the following requests. it also sets a cookie to make
requesting from the client more simple. (cookie parser is needed to make
authentication with cookies possible)

the id of the logged in user will be available in `req.connection.user_id` in
all of the following request handlers.

### Excluding routes

exceptions to the auth module can be added by adding an array of regular
expressions a specific method can also be filtered for by giving an object
instead of a plain regular expression.

```js
auth(..., [/no-auth/, {regex: '/no-auth-post/', method: 'POST'}]);
```

## License

MIT © Timo Hocker <timo@scode.ovh>