npm
Sign UpSign In

passwordless-nodecache

1.0.4 • Public • Published

Passwordless-NodeCache

npm version

Node-Cache token store for Passwordless

This module provides token storage for Passwordless, a node.js module for express that allows website authentication without password using verification through email or other means. Visit the project's website https://passwordless.net for more details.

Tokens are stored in memory and are hashed and salted using bcryptjs. As such, tokens will not survive a restart of your application. This implementation is mainly meant for example, proof-of-concepts or perhaps unit testing.

Usage

First, install the module:

$ npm install passwordless-nodecache --save

Afterwards, follow the guide for Passwordless. A typical implementation may look like this:

var passwordless = require('passwordless');
var NodeCacheStore = require('passwordless-nodecache');
 
passwordless.init(new NodeCacheStore());
 
passwordless.addDelivery(
    function(tokenToSend, uidToSend, recipient, callback) {
        // Send out a token
    });
 
app.use(passwordless.sessionSupport());
app.use(passwordless.acceptToken());

Initialization

new NodeCacheStore();

Example:

passwordless.init(new NodeCacheStore());

Hash and salt

As the tokens are equivalent to passwords (even though they do have the security advantage of only being valid for a limited time) they have to be protected in the same way. passwordless-nodecache uses bcryptjs with automatically created random salts. To generate the salt 10 rounds are used.

Tests

$ npm test

License

MIT License

Author

Andrea Falzetti

Dependents (1)

Package Sidebar

Install

npm i passwordless-nodecache

Repository

github.com/andreafalzetti/passwordless-nodecache

Homepage

github.com/andreafalzetti/passwordless-nodecache

Weekly Downloads

0

Version

1.0.4

License

MIT

Unpacked Size

7.48 kB

Total Files

6

Last publish

Collaborators

  • afalzetti
Try on RunKit
Report malware