node package manager



Access token authentication middleware for Express, NodeJS. Makes it easy to add access token authentication to any API.

Installing it with npm

Add to dependencies:

"authenticate": "*"

Installing via npm

npm install authenticate


var authenticate = require("authenticate");

// Inside of app.configure
    encrypt_key: "", // Add any key for encrypting data
    validate_key: "" // Add any key for signing data

And then...

The access token can be passed to a frontend client after the client is authenticated via some form of login. For example, making a POST to /login with email and password, verifying email and password are correct, and then passing the access token to the client. Here is some javascript for passing an access token to the client in JSON.

app.get('/login', function(req, res) {
	var authenticate = require("authenticate");
	// Insert user auth logic here
	res.writeHead(200, {
	    "Content-Type": "application/json"
	    "access_token": authenticate.serializeToken(client_id, user_id, extra_data) // extra data is optional

An access token embeds data into the request. You can then check whether the user and client have access to a resource or not. // user id // A client id // date access token was created // extra data passed in when serialized // Access token being passed in