Timo Hocker
cd9d0aff5b
Some checks failed
continuous-integration/drone/push Build is failing
ava: 3.11.1 ==> 3.12.1 minor
@sapphirecode/auth-server-helper
version: 1.1.x
authentication middleware for express
Installation
npm:
npm i --save @sapphirecode/auth-server-helper
yarn:
yarn add @sapphirecode/auth-server-helper
Usage
const auth = require('@sapphirecode/auth-server-helper');
const password_helper = require('@sapphirecode/password_helper');
const users = {
foo: {
id: 0
password: await password_helper.hash('bar'),
salt: '123'
}
}
// add cookieParser to allow session management via cookies
app.use(cookieParser());
// the middleware needs a function to determine user data
// this function can also return a promise
app.use(auth((user_name) => {
if (!users[user_name])
return null;
return users[user_name];
}));
when a client logs in, it will set a header called 'session' that the client can use to authorize the following requests. it also sets a cookie to make requesting from the client more simple. (cookie parser is needed to make authentication with cookies possible)
the id of the logged in user will be available in req.connection.user_id in
all of the following request handlers.
Excluding routes
exceptions to the auth module can be added by adding an array of regular expressions a specific method can also be filtered for by giving an object instead of a plain regular expression.
auth(..., [/no-auth/, {regex: '/no-auth-post/', method: 'POST'}]);
License
MIT © Timo Hocker timo@scode.ovh