npm
Sign UpSign In

konstapel

1.2.0 • Public • Published

npm version Build Status

konstapel

Authorization middleware for node.js

Features

  • A complete flow for login and signup
  • Protects resources on the server via tokens encrypted with the aes-256-ctr algorithm
  • Depends on miffo for middleware functions that manipulate data
  • Very homemade and tailored to my needs. Probably not suitable for production.

Install

$ npm install konstapel [miffo]

Usage

var Konstapel = require('konstapel'),
    klang = new Konstapel(<tokenKey>, <signupKey>), // signupKey optional
    Miffo = require('miffo'),
    db = new Miffo(<url>, <collections>);
 
db.start();
 
function defaultResponse(req, res) {
  res.status(200).json(req.data); // req.data = {token, username}
}
 
app.use('/items',
  klang.verifyToken.bind(klang),
  klang.findUserById.bind(db)
);
 
// signup flow
app.post('/signup',
  klang.checkSignupKey.bind(klang),
  klang.findUsers.bind(db),
  klang.usernameNotTaken,
  klang.insertUser.bind(db),
  klang.createToken.bind(klang),
  defaultResponse
);
 
// login flow
app.post('/login',
  klang.findUserByUsername.bind(db),
  klang.usernameIsValid,
  klang.pwdIsValid.bind(db),
  klang.createToken.bind(klang),
  defaultResponse
);    

Data

//signup flow
checkSignupKey      // IN req.body.key OUT null
findUsers           // IN null OUT req.temp.usernames
usernameNotTaken    // IN req.temp.usernames OUT null
insertUser          // IN req.body.user && req.body.pwd OUT req.user
createToken         // IN req.user._id OUT req.data
 
// login flow
findUserByUsername  // IN req.body.user OUT req.user
usernameIsValid     // IN req.user OUT null
pwdIsValid          // IN req.body.pwd && req.user.pwd OUT null
createToken         // IN req.user._id OUT req.data
 
// token
verifyToken         // IN req.headers.token || req.body.token || req.query.token OUT req.temp.id
findUserById        // IN req.temp.id OUT req.user

Test

$ npm test

Todo

  • add test for invalid token in verifyToken

license

MIT

Readme

Keywords

Package Sidebar

Install

npm i konstapel

Repository

github.com/karlpokus/konstapel

Homepage

github.com/karlpokus/konstapel#readme

Weekly Downloads

1

Version

1.2.0

License

MIT

Last publish

Collaborators

  • karlpokus
Try on RunKit
Report malware