npm
Sign UpSign In

secure-tokenize
TypeScript icon, indicating that this package has built-in type declarations

3.2.1 • Public • Published

Authentication Package

This package provides utilities for user authentication using JSON Web Tokens (JWT).

Installation

Install the package using npm:

npm install secure-tokenize

Usage

Import the Authentication class from the package:

const Authentication = require("secure-tokenize");

Simple JWT Authentication

Creating Instance

Create an instance of the Authentication class by providing the JWT secret key.

const auth = new Authentication({
  jwtSecretKey:"jwt_secret_key",
  authMethod:"jwt",
});

Generate a JWT token for a user object:

const user = { userId: 123, username: 'john_doe' }; // Sample

const token = auth.generateToken({
  user,
  jwt:{
     options:{
         expiresIn:6000
     } 
  }
});

Verify Token

Set middleware in express application.

const app = require("express")();

// Middleware
app.use('/protected', auth.authenticate(),(request, response, next) => {
    
    // This will contain user data 
    req.auth;
    
    next()
});

Authenticate Via Facebook

Creating Instance

const auth = new Authentication({
    jwtSecretKey:"jwt_secret_key",
    authMethod:"facebook",
    facebookAppId:"<facebook_app_id>",
    facebookAppSecret:"<facebook_app_secret_key>",
    url:"http://localhost:3000",
    callbackUrl:"/auth/facebook/callback",
    facebookAPIVersion:"v19.0"
});

Creating Routes For Authentication And Callback

Use the auth.facebookRedirect middleware to authenticate user and generate code.

// Route for initiating the authentication process
app.get('/auth/facebook', auth.facebookRedirect.bind(auth));

Here you will be redirected after successfully signed in. You will get code in the query params which you can get and create a JWT token based on the facebook data you get.

app.get("/auth/facebook/callback", async (req,res,next) => {

    const token = await auth.generateToken({
        jwt:{
            options:{
                expiresIn:6000
            }
        },
        faceBook:{
            code:req.query.code
        }
    })
    
    res.send(token)
});

After that the authenticate middleware remains the same.

// Middleware
app.use('/protected', auth.authenticate(),(request, response, next) => {
    
    // This will contain user data from facebook
    req.auth;
    
    next()
});

Authentication Via Google

Creating Instance

You can authenticate user via google by doing some minimal changes if required.

const auth = new Authentication({
    jwtSecretKey:"AveryMuchSecretThatNoOneCanHack",
    authMethod:"google",
    googleAppClientId:"<GOOGLE_APP_CLIENT_ID>",
    googleClientSecret:"<GOOGLE_CLIENT_SECRET>",
    googleRedirectURL:"http://localhost:3000/auth/google/callback"
});

Setting Up Routes

These routes facilitate Google authentication, redirecting user to Google's login page and handling the callback to generate a token for authenticated user.

// Route for initiating the authentication process
app.get('/auth/google', auth.googleRedirect.bind(auth));

app.get("/auth/google/callback", async (req,res,next) => {

    const token = await auth.generateToken({
        jwt:{
            options:{
                expiresIn:6000
            }
        },
        google:{
            code: req.query.code
        }
    })

    res.send(token)

});

Getting Authenticated Data

This route mandates authentication via auth.authenticate() middleware and returns authenticated user data from Google in JSON format.

app.get("/protectedRoute",auth.authenticate(),(req, res, next) => {

    // This will contain user data returned from google
    res.json({
        data: req.auth
    });
})

The above will give the access token and bearer token for the user. You can get user specific details like emails, names etc by using the below method if needed. The first param is access_token and the second param is personFields

Available personFields can be found on this link personFields

app.get("/protectedRoute",auth.authenticate(), async (req, res, next) => {

    // This will contain user data returned from google
    const accessToken = req.auth.access_token;
    
    const user = await auth.getGoogleUserProfile(accessToken,"names,addresses");
    
    res.status(200).send();
})

Others

Custom Function When Using auth.authenticate().

// In result you will get the verified data from the token.

const customFn = function (result) {
  return {
    keyToSetAgainst:"userData", // this will be the key set to request object. (Required)
    data:{                      // Modified data along with the verified data. (Optional)
      ...result,
      timeStamp: new Date()
    }
  }
}

app.get("/protectedRoute",auth.authenticate({customFn}),(req, res, next) => {
  res.json(req.userData);
})

License

This project is licensed under the MIT License - see the LICENSE.md file for details.

Readme

Keywords

Package Sidebar

Install

npm i secure-tokenize

Repository

github.com/MFahad777/SecureTokenize

Homepage

github.com/MFahad777/SecureTokenize#readme

Weekly Downloads

0

Version

3.2.1

License

MIT

Unpacked Size

20 kB

Total Files

5

Last publish

Collaborators

  • mfahad777
Try on RunKit
Report malware