moneypenny - Authentication Service
[
](https://circleci.com/gh/blueflag/m
oneypenny/tree/master)
Moneypenny acts as an authentication service that offers multiple authentication strategies to a backend service and sends a JSON web token(JWT) encripted using a shared secret as a response.
Other services in the architecture should also know the shared secret allowing the token to be passed around in API calls to provide user information related to the request.
Generating Documentation
npm run doc
Related Projects
Sample Useage
Endpoints
The following endpoints are established by the initialize(app) function
| Endpoint | Description |
|---|---|
| /oauth2/authorization | oAuth2 Authorization Endpoint |
| /oauth2/token | oAuth2 Token Endpoint |
| /logout | Logout user from moneypenny |
API documentation.
moneypenny-server
Authentication server that uses both oAuth2 and JWT for authentication For single sign on.
- moneypenny-server
- module.exports(options) ⇒
MoneyPenny⏏
- module.exports(options) ⇒
module.exports(options) ⇒ MoneyPenny ⏏
Create a moneypenny server
Kind: Exported function
Returns: MoneyPenny - moneypenny service.
| Param | Type | Description |
|---|---|---|
| options | Options |
options to configure moneypenny with. |
module.exports~ensureAuthenticated
Middleware for checking that people using the service are authenticated.
Adds req.sesson.returnTo, the url to redirect the user to after login.
Kind: inner property of module.exports
| Param | Type | Description |
|---|---|---|
| req | request |
express request to check authenticated |
| res | response |
express response related to this request |
| next | function |
callback to next middleware to handle request. |
module.exports~ensureAuthenticated(req, res, next)
Middleware for checking that people using the service are authenticated.
Adds req.sesson.returnTo, the url to redirect the user to after login.
Kind: inner method of module.exports
| Param | Type | Description |
|---|---|---|
| req | request |
express request to check authenticated |
| res | response |
express response related to this request |
| next | function |
callback to next middleware to handle request. |
module.exports~initialize(app)
Initalize moneypenny. adds oauth authentication endpoints to express app
Kind: inner method of module.exports
| Param | Type | Description |
|---|---|---|
| app | express-app |
the express app that this will run on. |
Example
var express = ;var moneypenny = ;var MongoStore = ;var MongoClient = MongoClient;MongoClient;module.exports~serializeUser()
Used for passport to serialize the session user. using this method will allow the oauth server to send whatever details are in the user object serialized.
Kind: inner method of module.exports
See: http://passportjs.org/docs/configure#sessions
Example
passport;Example
//remove password from user, then serialize.passportmodule.exports~deserializeUser()
Used for passport to deserialize the session user.
Kind: inner method of module.exports
Example
passport;module.exports~loginAndRedirect(req, res, next)
Helper method for login, this method can be used once a login is established from a passport strategy
It will redirect the users back to the approprate locationexpiresIn
Kind: inner method of module.exports
| Param | Type | Description |
|---|---|---|
| req | request |
express request to check authenticated |
| res | response |
express response related to this request |
| next | function |
callback to next middleware to handle request. |
module.exports~jwtToken(req, res) ⇒ String
Express middleware that returns a JWT token.
Kind: inner method of module.exports
Returns: String - jwt token for the user
| Param | Type | Description |
|---|---|---|
| req | request |
Express JS Request Object |
| res | response |
Express JS Response Object |
module.exports~jwt(user, ttl) ⇒ String
Sign a JWT token.
Kind: inner method of module.exports
Returns: String - encoded JWT token.
| Param | Type | Description |
|---|---|---|
| user | Object |
user to encode. |
| ttl | Number |
time for the token to live. (set to value in option if none is sent) |
module.exports~user(JWT) ⇒ Object
Get a user from a JWT token.
Kind: inner method of module.exports
Returns: Object - enncoded user object.
| Param | Type | Description |
|---|---|---|
| JWT | String |
token to decode. |
module.exports~logoutAndRedirect(req, res, next)
Helper method for logging out, logs user out of authentication server after logging user out from all other servers.
Not Yet Implemented
Kind: inner method of module.exports
| Param | Type | Description |
|---|---|---|
| req | request |
express request |
| res | response |
express response |
| next | function |
callback to next middleware to handle request. |
module.exports~Options : Options
Options that will be passed to the moneypenny server to determine how to initialize.
Kind: inner typedef of module.exports
Properties
| Name | Type | Description |
|---|---|---|
| redirectUrl | String |
default redirect url to use if no previous url is found. |
| loginUrl | String |
url to redirect to for login. |
| secretOrPrivateKey | String |
secret or private key to use for JWT encryption. |
| ttl | Number |
lifespan of a token. |
| storageProvider | StorageProvider |
storage provider to use to store autentication details. Such as 'moneypenny-mongo-store'. @see https://github.com/blueflag/moneypenny-mongo-storage |