65 lines
1.4 KiB
Markdown
65 lines
1.4 KiB
Markdown
# @sapphirecode/auth-server-helper
|
|
|
|
version: 1.1.x
|
|
|
|
authentication middleware for express
|
|
|
|
## Installation
|
|
|
|
npm:
|
|
|
|
> npm i --save @sapphirecode/auth-server-helper
|
|
|
|
yarn:
|
|
|
|
> yarn add @sapphirecode/auth-server-helper
|
|
|
|
## Usage
|
|
|
|
```js
|
|
const auth = require('@sapphirecode/auth-server-helper');
|
|
const password_helper = require('@sapphirecode/password_helper');
|
|
|
|
const users = {
|
|
foo: {
|
|
id: 0
|
|
password: await password_helper.hash('bar'),
|
|
salt: '123'
|
|
}
|
|
}
|
|
|
|
// add cookieParser to allow session management via cookies
|
|
app.use(cookieParser());
|
|
|
|
// the middleware needs a function to determine user data
|
|
// this function can also return a promise
|
|
app.use(auth((user_name) => {
|
|
if (!users[user_name])
|
|
return null;
|
|
return users[user_name];
|
|
}));
|
|
|
|
```
|
|
|
|
when a client logs in, it will set a header called 'session' that the client can
|
|
use to authorize the following requests. it also sets a cookie to make
|
|
requesting from the client more simple. (cookie parser is needed to make
|
|
authentication with cookies possible)
|
|
|
|
the id of the logged in user will be available in `res.connection.user_id` in
|
|
all of the following request handlers.
|
|
|
|
### Excluding routes
|
|
|
|
exceptions to the auth module can be added by adding an array of regular
|
|
expressions a specific method can also be filtered for by giving an object
|
|
instead of a plain regular expression.
|
|
|
|
```js
|
|
auth(..., [/no-auth/, {regex: '/no-auth-post/', method: 'POST'}]);
|
|
```
|
|
|
|
## License
|
|
|
|
MIT © Timo Hocker <timo@scode.ovh>
|