identity-rs
Node Identity Resource Service Authentication Middleware for Express JS
Requirements
Install
$ yarn add identity-rs
Usage
const authenticatePermissions = ; // add into ExpressJS
- resourceName is the name you use for your service
- qualifier is the access level for permissions, eg: read, write, * (read-write).
Middleware options
No configuration is required in order to start using this middleware. All options are optional.
;
realm
– Value of "realm" parameter to use in WWW-Authenticate challenge header.scopes
– Array of scope values required to access this resource.allow
– Object with arrays of allowed issuers, audience and subjects.deny
– Object with arrays of restricted issuers, audience and subjects.handleErrors
– When set to false, error conditions will result in a call tonext()
, passing control to the application's error handling.tokenProperty
– Name of property onreq
to assign decoded JWT object. The property will not be set unless defined.claimsProperty
– name of property onreq
to assign verified JWT claims. Defaults to "claims".
JWT token spec
The JWT needs to have custom claims called perms, like the following JWT payload.
The perms custom claims is needed for the middleware to check access using node-arn.
How to use
const authenticateMiddleware = ; router;
Running tests
Nodejs
$ yarn test
License
MIT License - [Suhendra Ahmad]