punch-auth

0.0.1 • Public • Published

Exposes methods for Google OAuth2, LinkedIn OAuth2 and local authorization (username/password strategy).

google oauth2

The following settings are required for Google OAuth2.

  var config = {
    CLIENT_ID: 'client id', // application id that you create on developer.google.
    CLIENT_SECRET: 'client secret', // secret for the application.
    REDIRECT_URL: 'callback url' // the path in your app where the user will be redirected once access is allowed.
  };

The OAuth2 wrapper for Google can be initialized like so:

  var punchAuth = require('punch-auth');
  var googleOAuth = punchAuth.googleOAuth(config);

The googleOAuth object exposes the following methods.

  • Gets the URL (string) to redirect the user to Google's authorization page. It is a synchronous call.
  var url = googleOAuth.getAuthURL();
  • Once the user grants access to your app, control is redirected to the REDIRECT_URL with a parameter code. This method redeems the code, initializes the services and returns the user's profile.
  googleOAuth.verifyAndInitialize(code)
  .then(userProfile => { /* use userProfile */ });
  • Once the services have been initialized, this method can be used to get the profile of the currently authorized user.
  googleOAuth.getProfile()
  .then(userProfile => { /* use userProfile */ });

linkedin oauth2

The following settings are required for LinkedIn OAuth2.

  var config = {
    CLIENT_ID: 'client id', // application id that you create on developer.linkedin.
    CLIENT_SECRET: 'client secret', // secret for the application.
    REDIRECT_URL: 'callback url' // the path in your app where the user will be redirected once access is allowed.
  };

The OAuth2 wrapper for LinkedIn can be initialized like so:

  var punchAuth = require('punch-auth');
  var linkedinOAuth = punchAuth.linkedinOAuth(config);

The linkedinOAuth object exposes the following methods.

  • Gets the URL (string) to redirect the user to LinkedIn's authorization page. It is a synchronous call.
  var url = linkedinOAuth.getAuthURL();
  • Once the user grants access to your app, control is redirected to the REDIRECT_URL with parameters code and state. This method redeems the code and state, initializes the services and returns the user's profile.
  linkedinOAuth.verifyAndInitialize(code)
  .then(userProfile => { /* use userProfile */ });
  • Once the services have been initialized, this method can be used to get the profile of the currently authorized user.
  linkedinOAuth.getProfile()
  .then(userProfile => { /* use userProfile */ });

Services are initialized when the auth code is successfully redeemed. This holds true for both Google and LinkedIn services.


local auth

Implements the local username/password strategy. The following settings are required for the local auth module.

  var config = {
    USER_COLLECTION: UserModel, // mongoose model for the users collection.
    ID_FIELD: 'username', // name of the field to be treated as the identifier, such as username or email.
    PASSWORD_FIELD: 'password' // name of the field that contains the hashed password.
  };

Optional settings include:

  config.SALT_ROUNDS = 11; // number, defaults to 10, used to create the password hash using 'bcrypt'.
  config.TOKE_KEY = 'some key'; // string, defaults to 'punch-token-key', used to create the bearer token using 'jsonwebtoken'.

localAuth can be initialized like so:

  var punchAuth = require('punch-auth');
  var localAuth = punchAuth.localAuth(config);
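
A pre-flight check for the local auth settings above, as an added example that is not part of punch-auth or its README: it flags an unset or default TOKE_KEY (the default is printed on this page, so it provides no secrecy), a short key, and a low SALT_ROUNDS. The 32-byte minimum assumes HS256 signing, and the function names and the PUNCH_TOKEN_KEY environment variable are hypothetical.

```javascript
const crypto = require('crypto');

const DEFAULT_TOKEN_KEY = 'punch-token-key'; // default documented in this README
const MIN_KEY_BYTES = 32;   // assumption: HS256, so at least 256 bits of key
const MIN_SALT_ROUNDS = 10; // the documented bcrypt default

// Generate a random signing key (43 base64url characters from 32 random bytes).
function generateTokenKey() {
  return crypto.randomBytes(MIN_KEY_BYTES).toString('base64url');
}

// Return a list of problems; an empty list means the config passed.
function checkLocalAuthConfig(config) {
  const problems = [];
  const key = config.TOKE_KEY; // key name as spelled in this README
  if (key === undefined) {
    problems.push('TOKE_KEY unset: tokens would be signed with the published default');
  } else if (typeof key !== 'string') {
    problems.push('TOKE_KEY must be a string');
  } else if (key === DEFAULT_TOKEN_KEY) {
    problems.push('TOKE_KEY equals the published default');
  } else if (Buffer.byteLength(key, 'utf8') < MIN_KEY_BYTES) {
    problems.push(`TOKE_KEY shorter than ${MIN_KEY_BYTES} bytes`);
  }
  const rounds = config.SALT_ROUNDS;
  if (rounds !== undefined && (!Number.isInteger(rounds) || rounds < MIN_SALT_ROUNDS)) {
    problems.push(`SALT_ROUNDS must be an integer >= ${MIN_SALT_ROUNDS}`);
  }
  for (const field of ['ID_FIELD', 'PASSWORD_FIELD']) {
    if (typeof config[field] !== 'string' || config[field] === '') {
      problems.push(`${field} must be a non-empty string`);
    }
  }
  return problems;
}

// Constructed sample configs (USER_COLLECTION omitted; no database is needed here).
const weak = { ID_FIELD: 'username', PASSWORD_FIELD: 'password', SALT_ROUNDS: 4 };
const hardened = {
  ID_FIELD: 'username',
  PASSWORD_FIELD: 'password',
  SALT_ROUNDS: 12,
  TOKE_KEY: process.env.PUNCH_TOKEN_KEY || generateTokenKey(), // hypothetical env var
};

console.log(checkLocalAuthConfig(weak));
console.log(checkLocalAuthConfig(hardened));
```

Run the check before calling punchAuth.localAuth(config) and refuse to start if it returns any problems. In a deployment the key should come from the environment or a secret store, since a key generated at startup invalidates issued tokens on every restart and differs between instances.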

Middleware exposed by localAuth

  • The following middleware is for authentication (username/password). On successful authentication the user object and an accessToken are attached to the req object; otherwise a 401 is returned along with an appropriate error message. This middleware can be used like so:
  router.post('/login',
    localAuth.loginMW(), // method that returns the middleware
    (req, res, next) => { /* req.user and req.accessToken are set here */ }
  );
  • The following middleware verifies the bearer token. On successful verification the user object is attached to the req object; otherwise a 401 is returned with the appropriate error message. This middleware can be used like so:
  router.get('/index',
    localAuth.bearerMW(), // method that returns the middleware
    (req, res, next) => { /* req.user is set here */ }
  );

Methods exposed by localAuth

The following helper methods can be used as alternatives to the middleware and allow more flexibility.

  • This method implements the logic for login (username/password), and returns the user object on success.
  localAuth.login(req.body.username, req.body.password)
  .then(user => { /* use user */ })
  .catch(err => { /* handle error */ });
  • This method creates a hash for a plain string password. SALT_ROUNDS for creating the hash can be set in the config.
  var password = 'some password';

  localAuth.createHash(password)
  .then(hash => { /* store hash */ })
  .catch(err => { /* handle error */ });
  • Method to check if the given password matches the hash.
  var password = 'some password';

  localAuth.checkPassword(password, user.savedPasswordHash)
  .then(() => { /* password matched */ })
  .catch(err => { /* handle error */ });
  • Method to verify a jsonwebtoken bearer token.
  var token = 'the bearer token';

  localAuth.authorizeBearer(token)
  .then(user => { /* the user object from the user collection set in config */ })
  .catch(err => { /* handle error */ });

Install

npm i punch-auth

Version

0.0.1

License

ISC

Collaborators

  • punchagency