Neutrinos Peludos Magnéticos

    This package has been deprecated

    Author message:

    This has be renamed to @financial-times/s3o-middleware. Please change to @financial-times/s3o-middleware to receives updates to this module.

    s3o-middleware

    1.8.0 • Public • Published

    S3O-middleware

    Middleware to handle authenticating with S3O

    Parsing cookies

    This middleware can parse standard cookies via the cookie package. If wanting to use signed cookies or json cookies, please use the cookie-parser middleware before using the S3O middleware.

    Finding the username of the logged in user

    The username is added to the 's3o_username' property of the res.locals object for all authenticated requests.

    Setting the ttl of the cookie for an authenticated request

    Defaults to fifteen minutes. Use Express' app.set function before sending users to authenticate: app.set('s3o-cookie-ttl', 86400000); // one day (in ms)

    Usage example for Express

    If many routes require auth:

    var express = require('express');
    var app = express();
     
    // Add routes here which don't require auth
    var authS3O = require('s3o-middleware');
    app.use(authS3O);
    // Add routes here which require auth

    If only paths within a given directory require auth:

    var express = require('express');
    var app = express();
    var router = express.Router();
    var authS3O = require('s3o-middleware');
    router.use(authS3O);
    app.use('/admin', router);

    If specific paths require auth:

    var express = require('express');
    var app = express();
    var router = express.Router();
    var authS3O = require('s3o-middleware');
     
    app.get('/', authS3O, router);
    app.post('/', authS3O);

    If you don't want the automatic redirect to the S3O login page, use the authS3ONoRedirect middleware. This could be because you want to protect an API endpoint for authenticated AJAX requests, for example. If the cookies are not present or are invalid, the authS3ONoRedirect middleware will respond with a simple 403: Forbidden response:

    var express = require('express');
    var app = express();
    var router = express.Router();
    var authS3ONoRedirect = require('s3o-middleware').authS3ONoRedirect;
     
    app.get('/some-authenticated-api', authS3ONoRedirect, router);

    Install

    npm i s3o-middleware

    DownloadsWeekly Downloads

    17

    Version

    1.8.0

    License

    ISC

    Last publish

    Collaborators

    • robgodfrey
    • hamza.samih
    • nikita.lohia
    • notlee
    • efinlay24
    • emmalewis
    • aendra
    • the-ft
    • rowanmanning
    • chee
    • alexwilson