@virgilsecurity/passport-pythia

This README is for @virgilsecurity/passport-pythia v1.0.0. Check the v0.1.x branch for an old version.


Passport strategy for authenticating with the Virgil Pythia PRF service.

This module lets you authenticate using a username and password while protecting the passwords cryptographically using the Pythia PRF service. We'll refer to passwords protected with the Pythia PRF service as Breach-Proof Passwords.

By plugging into Passport, Breach-Proof Password support can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.

Pre-requisites

  • Create a free Virgil Security account.
  • Create a Breach-Proof Password Storage app in the Virgil Security Dashboard.
  • Create an API Key in the Virgil Security Dashboard.

Install

npm install @virgilsecurity/passport-pythia

This module requires the virgil-pythia module to be installed. It uses that module to communicate with the Virgil Pythia PRF service and to perform the cryptographic operations necessary to verify passwords.

npm install virgil-pythia

You also need to install @virgilsecurity/pythia-crypto and virgil-crypto, unless you plan to use custom crypto implementations.

npm install @virgilsecurity/pythia-crypto virgil-crypto

Usage

Configure strategy

The strategy requires two parameters. The first is an instance of the Pythia class from the virgil-pythia module. The second is a getAuthenticationParams callback, which retrieves the breach-proof password parameters of the user making the request. It accepts the request object and a callback, which must be called with an error (if any) as the first argument and the breach-proof password parameters as the second argument.

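passport.use(new PythiaStrategy(
    // Instance of the Pythia class from the virgil-pythia module
    virgilPythia,
    // getAuthenticationParams: look up the stored breach-proof password parameters
    (request, cb) => {
        User.findOne({ username: request.body.username }, (err, user) => {
            if (err) return cb(err);
            if (!user) return cb(new Error('Invalid username'));
            // Pass the submitted password together with the stored parameters
            cb(null, {
                user,
                password: request.body.password,
                salt: user.bppSalt,
                deblindedPassword: user.bppDeblindedPassword,
                version: user.bppVersion
            });
        });
    }
));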
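
A getAuthenticationParams callback along the lines described above, as an added example rather than code from this package. It checks that username and password are bounded strings before the lookup runs, and returns the same error for an unknown user and for a record missing its breach-proof password fields; findUser, the in-memory store, the sample values and the 256-character limit are assumptions.

```javascript
// Added example: builds a getAuthenticationParams callback with input checks.
// findUser(username, cb) is a hypothetical lookup; bpp* field names follow the README.
function makeGetAuthenticationParams(findUser, maxLen = 256) {
  const isCredential = (v) =>
    typeof v === 'string' && v.length > 0 && v.length <= maxLen;

  return function getAuthenticationParams(request, cb) {
    const body = request && request.body ? request.body : {};
    const { username, password } = body;
    // A JSON body parser can yield objects or arrays here; only strings may
    // reach the database query.
    if (!isCredential(username) || !isCredential(password)) {
      return cb(new Error('Invalid credentials'));
    }
    findUser(username, (err, user) => {
      if (err) return cb(err);
      // Same message for an unknown user and for an incomplete record.
      if (!user || !user.bppSalt || !user.bppDeblindedPassword ||
          user.bppVersion === undefined) {
        return cb(new Error('Invalid credentials'));
      }
      cb(null, {
        user,
        password,
        salt: user.bppSalt,
        deblindedPassword: user.bppDeblindedPassword,
        version: user.bppVersion,
      });
    });
  };
}

// Constructed in-memory store standing in for the User model (placeholder values).
const sampleUsers = new Map([
  ['alice', { username: 'alice', bppSalt: 'constructed-salt',
              bppDeblindedPassword: 'constructed-deblinded', bppVersion: 1 }],
  ['carol', { username: 'carol' }], // record without breach-proof fields
]);
const findSampleUser = (name, cb) => cb(null, sampleUsers.get(name) || null);

// Runs the callback once against the sample store and returns its outcome.
function runOnce(body) {
  let out;
  makeGetAuthenticationParams(findSampleUser)({ body }, (err, params) => {
    out = { error: err ? err.message : null, params: params || null };
  });
  return out;
}
```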

Authenticate Requests

Use passport.authenticate(), specifying the 'pythia' strategy, to authenticate requests. For example, as route middleware in an Express application:

app.post(
  '/sign-in',
  passport.authenticate('pythia', {
    successRedirect: '/profile',
    failureRedirect: '/sign-in',
  }),
);

Examples

Developers using the Express web framework can refer to an example as a starting point for their own web applications.

Tests

To run the tests on your computer, clone this repository and install dependencies.

git clone https://github.com/VirgilSecurity/virgil-passport-pythia.git
cd virgil-passport-pythia
npm install

Create a new file named .env with the contents of .env.example.

cp .env.example .env

Open the .env file in a text editor and replace the values starting with [YOUR_VIRGIL_... with the corresponding values from your Virgil Dashboard.

Run the tests.

npm test

License

This library is released under the BSD 3-Clause License.
