Express middleware for Authrite

The code is available on GitHub and the package is published on NPM.

Authrite is a system for mutual authentication over a communications channel where both parties come to know the identity of the counterparty. authrite-express provides a way to easily add mutual authentication to the routes of an express server.

During setup, the client asks for some basic information from the server and provides their identity key. The server sends back a reply, proving custody over the identity key they send back. Then, every message sent between the two parties is signed and verified, enabling everyone to have confidence in message integrity. Messages are not encrypted by Authrite, but encryption is provided by HTTPS.

npm i authrite-express

This example demonstrates creating a simple express server that makes use of the authrite-express middleware.

const authrite = require('authrite-express')
const express = require('express')
const bodyparser = require('body-parser')
const app = express()
const port = 5000

const TEST_SERVER_PRIVATE_KEY = 
'6dcc124be5f382be631d49ba12f61adbce33a5ac14f6ddee12de25272f943f8b'
const TEST_SERVER_BASEURL = `http://localhost:${port}`

app.use(bodyparser.json())
app.use((req, res, next) => {
  res.header('Access-Control-Allow-Origin', '*')
  res.header('Access-Control-Allow-Headers', '*')
  res.header('Access-Control-Allow-Methods', '*')
  res.header('Access-Control-Expose-Headers', '*')
  res.header('Access-Control-Allow-Private-Network', 'true')
  if (req.method === 'OPTIONS') {
    res.sendStatus(200)
  } else {
    next()
  }
})
// Configure the express server to use the authrite middleware
app.use(authrite.middleware({
    serverPrivateKey: TEST_SERVER_PRIVATE_KEY,
    baseUrl: TEST_SERVER_BASEURL
}))

// Example Routes
app.get('/getData', (req, res) => {
    res.json({ user: 'bob' })
}) 
app.post('/sendSomeData', (req, res) => {
    res.json({
        message: 'Hello, this is the server.',
        clientData: req.body
    })
})

app.listen(port, () => {
  console.log(`Example app listening on port ${port}`)
})

This example demonstrates setting up a websocket connection on an express server with a simple on chatMessage event.

Note: This does not show starting the express server which can be seen in the example above.

const express = require('express')
const app = express()
const http = require('http').Server(app)
const authrite = require('authrite-express')

const TEST_SERVER_PRIVATE_KEY = 'a0b6131b2ed7c9f6099f35a1e61a18c0e6bca3352a624d9e4b4851403cf52949'

// Configure AuthSock just as you would for socket.io
// Just add an additional param to pass in the server private key to use
const io = authrite.socket(http, {
  cors: {
    origin: '*'
  },
  serverPrivateKey: SERVER_PRIVATE_KEY
})

io.on('connection', (socket) => {
  // Custom events
   socket.on('chatMessage', (msg) => {
    io.emit('chatMessage', {
      id: socket.id,
      text: msg.text,
      identityKey: msg.identityKey
    })
  })
})

• AuthSock
  • Parameters
  • id
  • rooms
  • handshake
  • use
    • Parameters
  • join
    • Parameters
  • leave
    • Parameters
  • to
    • Parameters
  • disconnect
  • close
  • emit
    • Parameters
  • on
    • Parameters
• middleware
  • Parameters

Provides server-side access to Authrite protected sockets

• http http.Server The HTTP server instance
• options Object Optional configurations for Socket.IO (optional, default {})

Retrieves the unique identifier for the socket connection

Returns string The socket ID

Retrieves the list of rooms that the socket is currently in

Returns Set<string> A set containing the names of the rooms

Retrieves information about the initial handshake when the socket connection was established

Returns Object Handshake information including headers, address, secure, etc.

Registers a middleware function to intercept events on the socket

• socket Socket The socket object to apply the middleware to
• next function The callback function to call after the middleware completes

Joins the socket to a specified room

• room string The name of the room to join

Leaves a specified room

• room string The name of the room to leave

Sends a message to all clients in a specified room

• room string The name of the room to send the message to

Returns Socket A reference to the socket

Disconnects the socket from the server

Closes the socket connection

Emits a message to the client

• event string The type of event to emit
• data (object | string | Buffer) The data to send with the event

Custom configured websocket on method

• event string The type of event to handle
• callback function The callback function to be executed when the event occurs

Authrite express middleware for providing mutual authentication with a client

• config object Configures the middleware with initial parameters (optional, default {})

  • config.serverPrivateKey String The server's private key used for derivations
  • config.requestedCertificates Object The RequestedCertificateSet that the server will send to client. An object with certifiers and types, as per the Authrite specification.
  • config.baseUrl String The base url of the express server
  • config.initialRequestPath String The initial route path used to request the server's information and identity key

Returns function Which can be used as authentication middleware in an express server

The license for the code in this repository is the Open BSV License.