connect-authentication
TypeScript icon, indicating that this package has built-in type declarations

0.1.0 • Public • Published

Authentication Middleware Build Status

NPM

Codecov block

A simple (opinionated) connect-style authentication middleware.

This middleware directly use jws package to implement a simpler version of JsonWebToken to authenticate the users via cookie or the Authentication header.

Readers can read the source code to get the idea and replace the token encode/decode mechanism with jsonwebtoken, or use this package directly. This package does not follow the standard of jsonwebtoken. However, it is well tested in it owns implementation.

Usage sample

const express = require('express')
const connectAuthentication = require('connect-authentication').default
const cookieParser = require('cookie-parser')
const asyncMiddleware = require('middleware-async').default
const bodyParser = require('body-parser')

const user = {id: '1', first: 'hello', last: 'world', username: 'admin'}
const encode = u => u.id
const decode = id => id === '1' && user
const app = express()
app.use(
		cookieParser('cookie-secret'),
		connectAuthentication(encode, decode, 'jws-secret')
)
app.get('/', (req, res) => res.status(200).send('hello world!'))
app.post('/login',
		bodyParser.json(),
		asyncMiddleware(async (req, res) => {
				const {body: {username, password}} = req
				if (username === 'admin' && password === 'password') {
						const token = await req.login(user)
						res.status(200).json(token)
				} else res.status(401).json({error: 'wrong credential'})
		})
)
app.get('/me', (req, res) => {
		if (req.user) res.status(200).json(req.user)
		else res.status(403).json({error: 'please login'})
})
app.get('/logout', asyncMiddleware(async (req, res) => {
		await req.logout()
		res.send('logout success')
}))
app.listen(3000, () => console.log('Server is listening at port 3000'))

API Reference

Interface of the default export

export default function connectAuthentication<IUser, IPayload>(
		encode: (user: IUser) => CanAwait<IPayload>,
		decode: (payload: IPayload) => CanAwait<IUser | undefined>,
		secret: string | Buffer,
		{
				ttl = '1 week',
				alg = 'HS256',
				encoding = 'utf8',
				cookieKey = 'jwt',
				isTokenRevoked,
				revokeToken,
				cookieOptions = {
						httpOnly: true,
						sameSite: 'lax',
						secure: true,
						signed: false,
				},
		}: {
				ttl?: number | string
				alg?: Algorithm
				encoding?: string
				cookieKey?: string | false
				isTokenRevoked?: (token: string) => CanAwait<boolean>
				revokeToken?: (token: string, expire: Date) => CanAwait<void>
				cookieOptions?: CookieOptions
		} = {}
): RequestHandler

Dependencies (3)

Dev Dependencies (28)

Package Sidebar

Install

npm i connect-authentication

Weekly Downloads

1

Version

0.1.0

License

MIT

Unpacked Size

17.8 kB

Total Files

5

Last publish

Collaborators

  • tranvansang