passwordless-nedb
This is NeDB token storage module for Passwordless, a node.js module for express that allows website authentication without password using verification through email or other means. Visit the project's website https://passwordless.net for more details. With NeDB you can store token on your server without the need to run another instance of database like Mongo, CouchDB, etc.
Tokens are stored in a NeDB database and are hashed and salted using bcrypt.
Usage
First, install the module:
$ npm install passwordless-nedb --save
Afterwards, follow the guide for Passwordless. A typical implementation may look like this:
passwordless; passwordless; app;app;
Initialization
var passwordless = var NedbStore = var Datastore = var db = filename: 'path/to/token.json' db 'my-password-tokens';
- db: (object) the data storage declared upon creation/loading as defined by the NeDB specification. Please check the documentation for details: at https://github.com/louischatriot/nedb
- 'my-password-tokens': (string, optional) A valid string identifier. All created documents within database has value { _lib: passwordless-token } as the default reference, this will override the default name. Usefull for easy indexing and search when you want to integrate the database with other documents as well.
Example:
var db = filename: './token.json'passwordless
Hash and salt
As the tokens are equivalent to passwords (even though they do have the security advantage of only being valid for a limited time) they have to be protected in the same way. passwordless-nedb uses bcrypt with automatically created random salts. To generate the salt 10 rounds are used.
Tests
gulp
Change Logs
- v0.0.1 initial commit
- v0.0.2 add second string arguments to allow changing '_lib' property of created tokens
- v0.0.3 minor fix
- v0.0.4 remove make update travis setup