passwordless-nedb

    0.0.4 • Public • Published

    passwordless-nedb

    Build Status Coverage Status

    This is NeDB token storage module for Passwordless, a node.js module for express that allows website authentication without password using verification through email or other means. Visit the project's website https://passwordless.net for more details. With NeDB you can store token on your server without the need to run another instance of database like Mongo, CouchDB, etc.

    Tokens are stored in a NeDB database and are hashed and salted using bcrypt.

    Usage

    First, install the module:

    $ npm install passwordless-nedb --save

    Afterwards, follow the guide for Passwordless. A typical implementation may look like this:

    passwordless.init(new NedbStore(db));
     
    passwordless.addDelivery(
        function(tokenToSend, uidToSend, recipient, callback) {
            // Send out a token
        });
        
    app.use(passwordless.sessionSupport());
    app.use(passwordless.acceptToken());

    Initialization

    var passwordless = require('passwordless')
    var NedbStore = require('passwordless-nedb')
     
    var Datastore = require('nedb')
    var db = new Datastore({ filename: 'path/to/token.json'})
     
    new NedbStore(db, 'my-password-tokens');
    • db: (object) the data storage declared upon creation/loading as defined by the NeDB specification. Please check the documentation for details: at https://github.com/louischatriot/nedb
    • 'my-password-tokens': (string, optional) A valid string identifier. All created documents within database has value { _lib: passwordless-token } as the default reference, this will override the default name. Usefull for easy indexing and search when you want to integrate the database with other documents as well.

    Example:

    var db = new Datastore({ filename: './token.json'})
    passwordless.init(new NedbStore(db))

    Hash and salt

    As the tokens are equivalent to passwords (even though they do have the security advantage of only being valid for a limited time) they have to be protected in the same way. passwordless-nedb uses bcrypt with automatically created random salts. To generate the salt 10 rounds are used.

    Tests

    gulp
    

    Change Logs

    • v0.0.1 initial commit
    • v0.0.2 add second string arguments to allow changing '_lib' property of created tokens
    • v0.0.3 minor fix
    • v0.0.4 remove make update travis setup

    License

    MIT License

    Install

    npm i passwordless-nedb

    DownloadsWeekly Downloads

    4

    Version

    0.0.4

    License

    MIT

    Last publish

    Collaborators

    • syarul