This module provides utilities for authentication and authorization in Express.js applications by using.
To install this module, use the following command:
npm install --save auth-processor@2.2.1
Authentication
To authenticate requests in your routes, use one of authenticate's methods. Those methods verify the validity of the JWT token in the request header.
There are three kind of authenticates:
- accessLiableAuthenticate: for enterprise authentication
- accessDGIAuthenticate for DGI authentication
- accessSBSAuthenticate: for SBS authentication
const { accessLiableAuthenticate } = require('auth-processor');
//for global usage
app.use(accessLiableAuthenticate);
//local usage
app.get('/protected', accessLiableAuthenticate, (req, res) => {
// Your resource handling logic here
});Authorization
To authorize access to certain resources based on user accreditations, use the authorize method.
const { authorize } = require('auth-processor');
const requiredAccreditations = ["read", "write"];
app.get('/resource', authorize(requiredAccreditations), (req, res) => {
// Your resource handling logic here
});Make sure to set up the necessary environment variables such as SECRET_LIABLE_KEY, LIABLE_USER_URL, SECRET_DGI_KEY, DGI_USER_URL, SECRET_SBS_KEY and SBS_USER_URL for the methods to work correctly.
Here is an example of using the authenticate and authorize methods together:
const express = require('express');
const { accessDGIAuthenticate, authorize } = require('auth-processor');
const app = express();
const requiredAccreditations = ["read", "delete"];
app.get('/protected-resource', accessDGIAuthenticate, authorize(requiredAccreditations), (req, res) => {
// Logic for handling the protected resource
});
app.listen(3000, () => {
console.log('Server is listening on port 3000');
});This package is licensed under ISC. See the LICENSE file for more details.