Passwordless-PouchStore
This module provides token storage for Passwordless, a node.js module for express that allows website authentication without password using verification through email or other means. Visit the project's website https://passwordless.net for more details.
Tokens are stored in a PouchDB (or CouchDB) database and are hashed and salted using bcrypt.
Usage
First, install the module:
$ npm install passwordless-pouchstore --save
Afterwards, follow the guide for Passwordless. A typical implementation may look like this:
var passwordless = ;var PouchStore = ; var DB_NAME = 'passwordless-tokens';passwordless; passwordless; app;app;
Initialization
dbName;
Example:
var DB_NAME = 'passwordless-db';passwordless;
Hash and salt
As the tokens are equivalent to passwords (even though they do have the security advantage of only being valid for a limited time) they have to be protected in the same way. passwordless-pouchstore uses bcrypt with automatically created random salts. To generate the salt 10 rounds are used.
Tests
$ npm test
License
Author
Dale Harvey @daleharvey