node package manager
Share your code. npm Orgs help your team discover, share, and reuse code. Create a free org »



node-tokauth is a simple node.js module that links an authentication process with a token generation. It uses a hash to generate a token, that is based on a key provided by the developer. So, the unicity of the generated token is on the developer's own.

The user can set the used algorithm, and the based key generation. And, of course, the authentication function that will be executed.


You can either clone this repo, either install this module via npm:

$ npm install tokauth

How to use

var Tokauth = require('tokauth');
// Build the object with the authentication function 
var tokauth = new Tokauth(function (username, password) {
    return (username === 'test' && password === 'test');
// Specify the key onto will be based the hashing process 
// Here, we base it on the username, the password, and the timestamp 
tokauth.key = ('test' + 'test' + (new Date()).getTime());
// Generates the token 
var token = tokauth.getToken(username, password);
if (token) {
    console.log("Generated token: " + token);
} else {
    console.log("Authentication failed");

The authentication function

There're two main things to know about the function you'll provide to the Tokauth object:

  • It MUST return a boolean value
  • It can accept as many arguments as needed, it's on your own


Please, be aware that this attribute will affect the generated token unicity. If you base your key on the password, it's dangerous, as it's possible that two users have the same one. But, if you base it on a concatenation between the username, its password and the time of the authentication, then, your key has more chances to be unique.