@codestra/authentication-manager
authentication-manager is a package that provides helper functions for user management.
Installation
Use npm for installation:
npm install @codestra/authentication-manager
Or use yarn for installation:
yarn add @codestra/authentication-manager
Usage
You need to have a running mongoose connection.
Example
The following is a full example of all the functions and how you can use them.
// The model needs to at least have these fields
const UserSchema = new mongoose.Schema({
email: { type: String, required: true, unique: true },
password: { type: String, required: true },
salt: { type: String },
passwordResetToken: { type: String },
passwordResetExpires: { type: Number },
activated: { type: Boolean },
activationToken: { type: String },
});
const User = mongoose.model('User', UserSchema);
// creates a new user and returns the modelSignUpData._id and modelSignUpData.activationToken
const modelSignUpData = await modelSignUp({
Model: User,
variables: { email: 'foo@bar.io', password: 'verymuchsecure' },
});
// activates the user with the activation token and returns a authentication token
const authenticationTokenActivate = await modelActivate({
Model: User,
variables: { activationToken: modelSignUpData.activationToken },
});
// returns the authentication modelSignInData.token and modelSignInData._id if the password was right
const modelSignInData = await modelSignIn({
Model: User,
variables: { email: 'foo@bar.io', password: 'verymuchsecure' },
});
// verifies the authentication token
const authentication1 = modelVerify({ token: authenticationTokenActivate });
// or
const authentication2 = modelVerify({ token: modelSignInData.token });
// returns a password reset token that we need to give the user to reset
const passwordResetToken = await modelRequestResetPassword({
Model: User,
variables: { email: 'foo@bar.io' },
});
// verifies that the password reset token was right and sets the new password
const email = await modelRequestUpdatePassword({
Model: Vendor,
variables: { passwordResetToken, email: 'foo@bar.io', password: 'newverysecure' },
});
Functions
- genRandomString(length)
generates random string of characters i.e salt
- createHash(password, salt)
hash password with sha512.
-
modelActivate(parameters) ⇒
Promise.<string>
Activates the model with the activationToken and returns the jwt.
-
modelRequestResetPassword(parameters) ⇒
Promise.<string>
Will update the reset token and send an email. If the user was found, will return passwordResetToken
-
modelRequestUpdatePassword(parameters) ⇒
Promise.<string>
Will update the reset token and send an email. If the user was found, will return the mail
-
modelResendActivation(parameters) ⇒
Promise.<string>
Request the activation token.
-
modelSignIn(parameters) ⇒
Promise.<string>
Signs in the model and sends back the jwt if the account is activated. Will also make the email lowercase before trying to find the document.
-
modelSignUp(parameters) ⇒
Promise.<{activationToken: string, _id: string}>
Creates a new document based on the supplied model the email, password and other fields. Will return the new _id and the activationtoken
-
modelVerify(parameters) ⇒
JwtPayload
|null
Verifies the token
genRandomString(length)
generates random string of characters i.e salt
Param | Type | Description |
---|---|---|
length | number |
Length of the random string. |
createHash(password, salt)
hash password with sha512.
Param | Type | Description |
---|---|---|
password | string |
List of required fields. |
salt | string |
Data to be validated. |
createHash~hash
Gives us salt of length 16
Promise.<string>
modelActivate(parameters) ⇒ Activates the model with the activationToken and returns the jwt.
Returns: Promise.<string>
-
the jwt for the authentication
Param | Type | Description |
---|---|---|
parameters | Object |
function parameters |
parameters.Model | mongoose.Model |
mongodb model |
parameters.variables.activationToken | string |
the activation token for which model we want to activate the account |
parameters.onCompleted | function |
callback on completed. Returns the token. |
Promise.<string>
modelRequestResetPassword(parameters) ⇒ Will update the reset token and send an email. If the user was found, will return passwordResetToken
Returns: Promise.<string>
-
returns the reset token
Param | Type | Description |
---|---|---|
parameters | Object |
function parameters |
parameters.Model | mongoose.Model |
mongodb model |
parameters.variables.email | string |
the email for which we want to reset the password |
parameters.onCompleted | function |
callback on completed. Returns the passwordResetToken |
Promise.<string>
modelRequestUpdatePassword(parameters) ⇒ Will update the reset token and send an email. If the user was found, will return the mail
Returns: Promise.<string>
-
the found email for which we want to resend the activation
Param | Type | Description |
---|---|---|
parameters | Object |
function parameters |
parameters.Model | mongoose.Model |
mongodb model |
parameters.variables.email | string |
the email for which we want to resend the activation |
parameters.variables.password | string |
the new password |
parameters.variables.passwordResetToken | string |
the passwordResetToken |
parameters.onCompleted | function |
callback on completed. Returns the e-mail. |
Promise.<string>
modelResendActivation(parameters) ⇒ Request the activation token.
Returns: Promise.<string>
-
the found email for which we want to resend the activation
Param | Type | Description |
---|---|---|
parameters | Object |
function parameters |
parameters.Model | mongoose.Model |
mongodb model |
parameters.variables.email | string |
the email for which we want to resend the activation |
parameters.onCompleted | function |
callback on completed. Returns the activationToken. |
Promise.<string>
modelSignIn(parameters) ⇒ Signs in the model and sends back the jwt if the account is activated. Will also make the email lowercase before trying to find the document.
Returns: Promise.<string>
-
the jwt for the authentication
Param | Type | Description |
---|---|---|
parameters | Object |
function parameters |
parameters.Model | mongoose.Model |
mongodb model |
parameters.variables.email | string |
the email |
parameters.variables.password | string |
the password |
parameters.onCompleted | function |
callback on completed. Returns the jwt |
Promise.<{activationToken: string, _id: string}>
modelSignUp(parameters) ⇒ Creates a new document based on the supplied model the email, password and other fields. Will return the new _id and the activationtoken
Returns: Promise.<{activationToken: string, _id: string}>
-
the activationtoken and _id as a string
Param | Type | Description |
---|---|---|
parameters | Object |
function parameters |
parameters.Model | mongoose.Model |
mongodb model |
parameters.variables.email | string |
the email which will be used for registration made lowercase |
parameters.variables.password | string |
the password |
parameters.onCompleted | function |
callback on completed. Returns the _id |
JwtPayload
| null
modelVerify(parameters) ⇒ Verifies the token
Returns: JwtPayload
| null
-
the jwt for the authentication. If verified correctly, returns {id} so for mongoose, you need to make it _id
Param | Type | Description |
---|---|---|
parameters | Object |
function parameters |
parameters.token | string |
mongodb model |
Contributing
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.
Please make sure to update tests as appropriate.