RSS shared Node.js library for cross cutting concerns.
- axios http helper
- env and secrets loading
- mongo connection
- redis/in-memory cacher
- logger and express logging and error middleware
- openid client
- openid helper
- openid strategy
- passport authentication strategy
- start child process
- shared services like relationships, workflow, etc.
$ npm install @rss/common-nodejs
openIdClient must be initialized before calling any other rss apps.
const { env, secret, openIdClient } = require('@rss/common-nodejs');
await openIdClient.init(env.OPENID_URL, { client_id: secret.CLIENT_ID, client_secret: secret.CLIENT_SECRET });
const accessToken = await openIdClient.accessToken();
The RSS authentication strategy authenticates users using a token passed in on the Authorization
request header.
The strategy requires a verify
callback, which accepts a valid decoded token and calls done
providing a user.
passport.use(
openIdStrategy(env.OPENID_URL, (red, claim, done) => {
done(null, claim);
}),
);
Use passport.authenticate()
, specifying the 'jwt'
strategy, to authenticate requests.
app.use(passport.authenticate('jwt', { session: false }));
app.use('/api/sample', authz(['SCOPE']), require('./sample.routes'));
This strategy takes an hash value with the following options
-
session
- Options, save user to session - should be set to false