Super Session
The best autentication with token and session on back-end in same module. Made with love to NodeJS.
Installation
$ npm install --save super-session
Guide
- Quick usage
- Why use
- Configure
- Decode
- Create session
- Delete user sessions
- Logout
- Tests
- Related projects
- License
Quick usage
Back-end
const express = ;const Router = ;const superSession = superSession; const app = ;const router = ; // Set to use super sessionthisapp; // Create the options objectconst superSessionOptions = // Connection is optional, without connection the session will be saved on cache connection: dbUrl: 'your mongo connection' // Necessary dbName: 'your db name (test or production)' // Necessary secret: 'your secret' // Necessary tokenHeaderName: 'authorization' duration: 15 mult: true reqAttribute: 'session' collectionName: 'xsessions'; // Configure the super sessionsuperSession; { // The routes of your app // Get users router; // Login router; // Logout router;}
Front-end
We will need request to the back-end and get the response, like this. Just example using angular HTTP client
http ; // And last we will get the token on storage and put on headers to each request// To do this, use the interceptor// The header name would be equal the option tokenHeaderName on back-end// Example// ... { return Observable;}
Why use
It's fast because don't send the user data to front and save a session on cache. It's Safe because save the session on your database. And have few options to use and control multiples sessions or a unique session by user.
Configure
Configure the super session, will need configure in express file
// Set to use super sessionthisapp; // Create the options objectconst superSessionOptions = connection: dbUrl: 'your mongo connection' dbName: 'your db name (test or production)' secret: 'your secret' // any word tokenHeaderName: 'authorization' duration: 15 mult: true reqAttribute: 'session' collectionName: 'xsessions'; // Configure the super sessionsuperSession;
Options
Avaliable bellow options to configure the super session
{ // Connection is optional, without connection the session will be saved on cache "connection": { "dbUrl": "your mongo connection", // Necessary "dbName": "your db name (test, production or ETC.)" // Necessary }, // Necessary "secret": "your secret", // Optional, default is authorization "tokenHeaderName": "authorization", // Optional, default is 14 days "duration": 15, // days // Optional, default is false // When true, the user can log in many devices and all sessions will be active "mult": true, // Opitional, default is session. Can be change to any word. // If change to user, the session data will be in req.user "reqAttribute": "session", // Optional, default is sessions. The collection name that store the sessions "collectionName": "xsessions"}
Decode
Set to use the super session decode on express app
// The server need this to decode the token of userthisapp;
Create session
It's necessary use a unique identifier to create the session, _id, email ETC. as a unique identifier
// The session data, put anythingconst sessionData = _id: 'USER_ID' name: 'Thor' email: 'thor@asgard.com' permissions: 'list-users' 'all' ; superSession ;
Delete user sessions
We've used the 'user id' to delete all user sessions
superSession ;
Logout
To user logout, just check exist the session and call req.session.logout() (It's a promise)
router;
Tests
To run the test suite, first install the dependencies, then run npm run test:
$ npm install$ npm run test