Mongoose plugin for password-based user authentication.
authenticatemethod to use when signing users into your service
$ npm install basic-auth-mongoose
Tested with Mongoose > 3.4.x.
Basic-auth allows you to add password-based authentication to any Mongoose schema. Let's say you're working on a site where your basic
User schema is shaping up like so:
var mongoose = ;var userSchema =email : Stringfirst : Stringlast : String;
To add authentication functionality, all you need to do is plugin basic-auth, and create your new
userSchema;var User = mongoose;
Plugging in basic-auth will add two required properties on top of your original
password. Just fill in those credentials when you're creating a user, and the user's password will be automatically encrypted for secure storage.
var tom =email : 'firstname.lastname@example.org'first : 'Tom'last : 'Smith'username : 'toms1234'password : 'secret';tom;
In addition to the
password properties, you'll also get a handy
user.authenticate(password) method. This method accepts a plain text password, and will return
true if the password is correct, and
Using basic-auth will also give you an
id property, which will return the auto-generated MongoDB
_id. To use, simply call:
tomid // returns MongoDB _id (e.g. 5A0009284I2)
You can configure the hashing algorithm used to encrypt the user's password. By default, basic-auth uses
'sha256'. To change the encryption method, simply pass in the
encryptionMethod option when applying basic-auth:
var options = 'encryptionMethod' : 'sha1' ;userSchema;
You are free to choose any of the hashing algorithms made available by Node's crypto library.
A full example of using basic-auth for a simple login / registration system is coming soon.
Inspired by saintedlama's passport-local-mongoose module.
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.