konstapel
Authorization middleware for node.js
Features
- A complete flow for login and signup
- Protects resources on the server via tokens encrypted with the
aes-256-ctr
algorithm - Depends on miffo for middleware functions that manipulate data
- Very homemade and tailored to my needs. Probably not suitable for production.
Install
$ npm install konstapel [miffo]
Usage
var Konstapel = klang = <tokenKey> <signupKey> // signupKey optional Miffo = db = <url> <collections>; dbstart; { resstatus200; // req.data = {token, username}} app; // signup flowapp; // login flowapp;
Data
//signup flowcheckSignupKey // IN req.body.key OUT nullfindUsers // IN null OUT req.temp.usernamesusernameNotTaken // IN req.temp.usernames OUT nullinsertUser // IN req.body.user && req.body.pwd OUT req.usercreateToken // IN req.user._id OUT req.data // login flowfindUserByUsername // IN req.body.user OUT req.userusernameIsValid // IN req.user OUT nullpwdIsValid // IN req.body.pwd && req.user.pwd OUT nullcreateToken // IN req.user._id OUT req.data // tokenverifyToken // IN req.headers.token || req.body.token || req.query.token OUT req.temp.idfindUserById // IN req.temp.id OUT req.user
Test
$ npm test
Todo
- add test for invalid token in verifyToken
license
MIT