This is the service component of authentic. This will help decode tokens so that you can authenticate users within a microservice.
const http = require('http')
const Authentic = require('authentic-service')
const auth = Authentic({
server: 'https://auth.scalehaus.io'
})
http.createServer(function (req, res) {
// Step 1: decrypt the token
auth(req, res, function (err, authData) {
if (err) return console.error(err)
// Step 2: if we get an email and it's one we like, let them in!
if (authData && authData.email.match(/@scalehaus\.io$/)) {
res.writeHead(200)
res.end('You\'re in!')
// otherwise, keep them out!
} else {
res.writeHead(403)
res.end('Nope.')
}
})
}).listen(1338)
console.log('Protected microservice listening on port', 1338)npm install --save authentic-service
This is the main entry point. Accepts an options object and returns a function that can parse and decrypt tokens from http requests.
const auth = Authentic({
server: 'https://auth.scalehaus.io'
})
// auth is now a function that accepts req, res, and a callback
auth(req, res, function(err, authData) { ... })Authentic() takes an options object as its first argument, one of them is required:
-
server: the url of theauthentic-server, e.g.'http://auth.yourdomain.com'
Optional:
-
prefix: defaults to'/auth'if you set a custom prefix for yourauthentic-server, use that same prefix here -
cacheDuration: defaults to3600000(1 hour in milliseconds). To minimize latency and requests, this is how longauthentic-servicewill cache theauthentic-serverpublic key. -
checkExpiredList: will check email against the expired list onauthentic-server, this will reject any token issued before a remote expiration (e.g. password change). This feature must also be enabled onauthentic-server.
MIT