Go to file

Timo Hocker fef0015bde update-scanner: automatic update

@scode/password-helper: 1.0.27 ==> 1.0.29 minor

2020-05-04 21:49:59 +02:00

test

fix license

2020-03-25 16:58:43 +01:00

.eslintrc.js

fix license

2020-03-25 16:58:43 +01:00

.gitignore

add stryker

2020-03-14 14:18:23 +01:00

.npmrc

init

2020-03-06 11:56:10 +01:00

index.js

fix license

2020-03-25 16:58:43 +01:00

jenkins.js

fix license

2020-03-25 16:58:43 +01:00

Jenkinsfile

init

2020-03-06 11:56:10 +01:00

mock_server.js

fix license

2020-03-25 16:58:43 +01:00

package.json

add compile script

2020-05-04 20:38:30 +02:00

README.md

add readme for exceptions

2020-03-14 12:38:40 +01:00

stryker.conf.js

fix license

2020-03-25 16:58:43 +01:00

yarn-error.log

cleaning up old code

2020-03-06 18:02:08 +01:00

yarn.lock

update-scanner: automatic update

2020-05-04 21:49:59 +02:00

README.md

Auth Server Helper

Authentication middleware for express

Usage

const auth = require('@scode/auth-server-helper');
const password_helper = require('@scode/password_helper');

const users = {
  foo: {
    id: 0
    password: await password_helper.hash('bar'),
    salt: '123'
  }
}

// add cookieParser to allow session management via cookies
app.use(cookieParser());

// the middleware needs a function to determine user data
// this function can also return a promise
app.use(auth((user_name) => {
  if (!users[user_name])
    return null;
  return users[user_name];
}));

when a client logs in, it will set a header called 'session' that the client can use to authorize the following requests. it also sets a cookie to make requesting from the client more simple. (cookie parser is needed to make authentication with cookies possible)

Excluding routes

exceptions to the auth module can be added by adding an array of regular expressions a specific method can also be filtered for by giving an object instead of a plain regular expression.

auth(..., [/no-auth/, {regex: '/no-auth-post/', method: 'POST'}]);