🔒 🔍
bright-auth-expressjs Verify provided auth token and add a req.user
object providing information about the user.
npm i bright-auth-expressjs
Usage
const auth = require('bright-auth-expressjs')({
API_ENDPOINT: "https://sandbox-api.brighthr.com"
})
API_ENDPOINT
Bright API token is authorised to use.
Secure all routes on your API
const app = require('express')();
const auth = require('bright-auth-expressjs')({
API_ENDPOINT: "https://sandbox-api.brighthr.com"
});
app.use(auth)
app.get("/", (req, res) => res.send(req.user));
app.listen(3000);
Secure specific routes
const app = require('express')();
const auth = require('bright-auth-expressjs')({
API_ENDPOINT: "https://sandbox-api.brighthr.com"
});
app.get("/", auth, (req, res) => {
if (!req.user.isAdmin) {
res.send(401);
}
res.send(200, 'hello admin');
});
app.listen(3000);
req.user
properties
{
"isAdmin": false, // is the user an admin
"subordinates": [
"5f00cfdf-baf5-4363-af73-6d8355a6a00f",
"31e46ef2-925d-4a21-9d13-985225d88043" // employee guids for all subordinates
],
"id": 40136, // legacy id - some APIs still need this
"employeeGuid": "cbf6a38e-92ee-4d06-b4a6-38ee39ebfca5",
"roles": [], // yet to be implemented
"companyId": "", // yet to be implemented
"loggedInEmployee": {
// comprehensive information about the logged in employee
},
"jwt": {
// the full decoded token for reference
}
}
req.user
methods
req.user.isSelf(guid)
Is the provided guid for the current logged in user.
req.user.manages(guid)
Does the current logged in user manage given employee GUID
Development
npm run dev
will spin up a local server on port 3000
and restart when you save any file.
Deployment to npm
Deployment is managed using semantic-release. This means you must be careful about the commit message format. This link provides examples - if you do not conform to this circle will build your commit but not push a new version to npm and github and then you'll be sad