Access token authentication middleware for Express, NodeJS


Access token authentication middleware for Express, NodeJS. Makes it easy to add access token authentication to any API.

Add to dependencies:

"authenticate": "*"
npm install authenticate
var authenticate = require("authenticate");

// Inside of app.configure
    encrypt_key: "", // Add any key for encrypting data
    validate_key: "" // Add any key for signing data

The access token can be passed to a frontend client after the client is authenticated via some form of login. For example, making a POST to /login with email and password, verifying email and password are correct, and then passing the access token to the client. Here is some javascript for passing an access token to the client in JSON.

app.get('/login', function(req, res) {
    var authenticate = require("authenticate");
    // Insert user auth logic here
    res.writeHead(200, {
        "Content-Type": "application/json"
        "access_token": authenticate.serializeToken(client_id, user_id, extra_data) // extra data is optional

An access token embeds data into the request. You can then check whether the user and client have access to a resource or not. // user id // A client id // date access token was created // extra data passed in when serialized // Access token being passed in