authkamodh


Follow this for getting started

What is this module for?

this module is used for authentication and authorization

Who do I talk to?

NEW FEATURES I AM WORKING ON

  • gmail authentication

How do I get set up?

 npm install authkamodh

FEATURES AVAILABLE

signtoken('server secret', json data to encrypt into token, accesstoken expiry in seconds, refreshtoken expiry)

**Examples:**

**signtoken ('server secret',{userid:1, role: 'user'} , 30000, 'unlimited')**

**signtoken ('server secret',{userid:1, role: 'user'} , 30000, 500000)**

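**Explanation:**

**signtoken will generate the token and lock it with key 'server secret'. The sample tokens in USAGE start with an HS256 JWT header, so the key signs the token; the JSON data stays readable to anyone who holds the token, so do not put secrets in it.**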

authenticate('server secret')

**Explanation: decrypts the token into JSON data by unlocking it with the key 'server secret';**

**throws an error if the token is expired or invalid**

authorize(role)

**Explanation: authorizes the request for the given role**

refreshtoken

**You have to pass the accesstoken in the Authorization header and the refreshtoken in the body.**

**Explanation:**

**This generates a new accesstoken from the refreshtoken passed in the body.**

USAGE

  const auth = require('authkamodh');
 app.post('/login', function(req, res) {
   if (username='admin' && password == 'admin') {
     let token = auth.signtoken('server secret', {userid:1, role: 'admin'}, 30000, 80000);
     res.status(200).json(token);
   } else if (username == 'user' && password == 'password') {
       let token = auth.signtoken('server secret', {userid:2, role: 'user'}, 30000, 'unlimited');
       res.status(200).json(token);
     } else {
     response.send('unauthorized');
   }
 })
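# Log in as the sample 'user' account. The field names mirror the handler's
# username/password variables and are assumed to be read from a JSON body.
curl --request POST \
  --url http://localhost:3000/login \
  --header 'content-type: application/json' \
  --data '{"username": "user", "password": "password"}'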
// Admin-only API: authenticate checks the bearer token, then authorize requires the 'admin' role
app.post(
    '/adminurl',
    auth.authenticate('server secret'),
    auth.authorize('admin'),
    (req, res) => {
        res.send("you can access this with admin token only");
    }
);
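# Line continuations added so the three lines run as one curl command.
# The bearer value is the README's sample token; its payload decodes to role 'user',
# so substitute the accesstoken returned by /login for an admin account.
curl --request POST \
  --url http://localhost:3000/adminurl \
  --header 'authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyaWQiOjEsInJvbGUiOiJ1c2VyIiwiaWF0IjoxNTEzMzM5MTQ5LCJleHAiOjE1MTMzNjkxNDl9.FtNKnTvm5EcmMcEehcz47ll97DZnetPsNELIlxo-4y4'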
// User-only API: the token must pass authenticate and carry the 'user' role
app.post(
    '/userurl',
    auth.authenticate('server secret'),
    auth.authorize('user'),
    (req, res) => {
        res.send("you can access this with user token only");
    }
);
// API open to both roles: authorize takes an array when several roles are allowed
app.post(
    '/adminAndUser',
    auth.authenticate('server secret'),
    auth.authorize(['admin','user']),
    (req, res) => {
        res.send("you can access this with admin as well as user token");
    }
);
// Reading the token's user data after authentication, for any of the listed roles
app.post('/anyapi', auth.authenticate('server secret'), auth.authorize(['role1','role2']), (req, res) => {
    // req.user holds the JSON details the token was signed with,
    // e.g. {userid:1, role: 'user'} or {userid:1, role: 'admin'}, depending on whose token it is
    const sessionUser = req.user;
    console.log(sessionUser);
    res.send("you can access this with role1 as well as role2 token");
});
// Getting a new access and refresh token
// NOTE: pass the accesstoken in the Authorization header and send {refreshtoken: "<refresh token>"} in the body
const sendNewToken = (req, res) => {
  // the new token object is available on the request as req.token
  res.send(req.token);
};
app.post('/refresh', auth.refreshtoken('server secret'), sendNewToken);
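# Line continuations added so the five lines run as one curl command.
# Both values are the README's sample tokens; replace them with the accesstoken and
# refreshtoken returned by /login.
curl --request POST \
  --url http://localhost:3000/refresh \
  --header 'authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyaWQiOjEsInJvbGUiOiJ1c2VyIiwiaWF0IjoxNTEzMzM5MTQ5LCJleHAiOjE1MTMzNjkxNDl9.FtNKnTvm5EcmMcEehcz47ll97DZnetPsNELIlxo-4y4' \
  --header 'content-type: application/json' \
  --data '{"refreshtoken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiJleUpoYkdjaU9pSklVekkxTmlJc0luUjVjQ0k2SWtwWFZDSjkuZXlKMWMyVnlhV1FpT2pFc0luSnZiR1VpT2lKMWMyVnlJaXdpYVdGMElqb3hOVEV6TXpNNU1UUTVMQ0psZUhBaU9qRTFNVE16TmpreE5EbDkuRnROS25Udm01RWNtTWNFZWhjejQ3bGw5N0RabmV0UHNORUxJbHhvLTR5NCIsInZhbGlkIjpmYWxzZSwiaWF0IjoxNTEzMzM5MTQ5LCJleHAiOjE1MTQzNzU5NDl9.-Jc_irxnE-W87SBQYAW8fU6-xulGGLbGoiMS5zSk7nI"}'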

SCREENSHOTS

login

login

Admin URL

adminurl

Refresh TOKEN URL

refreshtoken
