Passwordless-RedisStore
This module provides token storage for Passwordless, a node.js module for express that allows website authentication without password using verification through email or other means. Visit the project's website for more details.
Tokens are stored in a Redis database and are hashed and salted using bcrypt.
Usage
First, install the module:
$ npm install passwordless-redisstore --save
Afterwards, follow the guide for Passwordless. A typical implementation may look like this:
var passwordless = ;var RedisStore = ; passwordless; passwordless; app;app;
Initialization
port host options;
- [port]: (Number) Optional. Port of your Redis server. Defaults to: 6379
- [host]: (String) Optional. Your Redis server. Defaults to: '127.0.0.1'
- [options]: (Object) Optional. This can include options of the node.js Redis client as described in the docs and the ones described below combined in one object as shown in the example
Example:
passwordless;
Options
- [redisstore.database]: (Number) Optional. Database to be used. Defaults to: 0
- [redisstore.tokenkey]: (String) Optional. Keys to be used. UIDs will be appended. Defaults to: 'pwdless:UID'
Hash and salt
As the tokens are equivalent to passwords (even though only for a limited time) they have to be protected in the same way. passwordless-redisstore uses bcrypt with automatically created random salts. To generate the salt 10 rounds are used.
Tests
$ npm test
License
Author
Florian Heinemann @thesumofall