
@amazeelabs/token-auth-middleware

v1.1.8


Middleware for token based authentication

Downloads

792


Token Auth Middleware

This package provides a generic HTTP handler that can be used as middleware for various JavaScript-based web servers. It does not rely on specific runtime libraries like crypto and has been tested in Node and Deno environments.

The concept works as follows: the middleware is installed on a given path and restricts access to it. Upon access, users are prompted to authenticate via a third-party message delivery channel (like e-mail). There they receive a login link, which grants them access to the resource.

sequenceDiagram
  participant C as Client
  participant M as Middleware
  participant S as Server
  C->>M: Access "/restricted"
  M->>C: Redirect to login page
  C->>M: Provide authentication
  M-->>C: Send login link
  C->>M: Access Login Link
  M->>C: Redirect to "/restricted"
  C->>S: Access "/restricted"
  S->>C: Response for "/restricted"

Usage

Create a Netlify edge function, and in it create an instance of an encoder, a backend, and a handler (see more under "Extensibility").

import {
  JwtEncoder,
  TestEmailBackend,
  TokenAuthHandler,
} from '@amazeelabs/token-auth-middleware';
import type { Context } from '@netlify/edge-functions';

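// Secret passed to the token encoder. Hard-coded here for illustration only;
// load it from configuration in a real deployment.
const encoder = new JwtEncoder('shhhh, its a secret');

// Allow-list of e-mail addresses that may request a login link.
const backend = new TestEmailBackend({
  '*@amazeelabs.com': '*',
});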

const handler = new TokenAuthHandler('/restricted', encoder, backend);

export default async (request: Request, context: Context) => {
  return handler.handle(request, context.next);
};

By default, the middleware does not need any deeper integration. It works purely on HTTP. When a restricted resource is accessed, the middleware redirects to a generic login form, which prompts the user to authenticate. The middleware then sends a login link to the user, which grants access to the resource.

The package also includes a JavaScript client that lets you implement this process in a browser application.

import { TokenAuthClient } from '@amazeelabs/token-auth-middleware';

const client = new TokenAuthClient('/restricted');

// Trigger submission of the login link.
await client.login('[email protected]');

try {
  // Access login status information.
  const status = await client.status();
} catch (e) {
  // User is not logged in.
}

// Log out again.
await client.logout();

Extensibility

There are two ways to extend the middleware: The encoder and the backend.

Encoders

The encoder is responsible for encoding and decoding the token. The provided JwtEncoder uses the jsrsasign library to encode and decode tokens. The package exposes a TokenEncoderInterface that can be used to implement custom encoders, such as one that uses platform-specific crypto libraries.

Backends

Backends are responsible for identifying users and sending login links. The package provides a PostmarkEmailBackend, which can use the Postmark messaging service to send login links. It inherits from the abstract EmailBackend class, which can be used to implement email-based authentication with other services.

Email backends allow restricting access to specific addresses and domains.

import { PostmarkEmailBackend } from './email-backend';

const backend = new PostmarkEmailBackend(
  {
    // Allow everybody with an amazeelabs.com email address.
    '*@amazeelabs.com': '*',
    // Allow only a specific user.
    '[email protected]': 'Jane Doe',
  },
  '[POSTMARK_API_TOKEN]',
  'postmark-template',
);
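
The allow-list patterns above only restrict access if they are matched strictly. The following is an added example, not the package's own code, of how a pattern such as '*@amazeelabs.com' can be matched safely; the names patternToRegExp, findMatch and SAMPLE_ALLOW and the address jane@example.org are assumptions made for illustration.

```typescript
// Added example: helper names are hypothetical, not the package's API.
type AllowList = Record<string, string>;

// Constructed sample allow-list in the shape the backends above accept.
const SAMPLE_ALLOW: AllowList = {
  '*@amazeelabs.com': '*',
  'jane@example.org': 'Jane Doe', // constructed address
};

// Convert a pattern such as '*@amazeelabs.com' into an anchored RegExp.
function patternToRegExp(pattern: string): RegExp {
  const body = pattern
    .split('*')
    // Escape regex metacharacters so '.' matches only a literal dot.
    .map((part) => part.replace(/[.+?^${}()|[\]\\]/g, '\\$&'))
    // '*' may not span '@' or whitespace, so it stays inside one address part.
    .join('[^@\\s]*');
  // '^' and '$' stop suffix tricks such as 'amazeelabs.com.evil.example';
  // the 'i' flag makes the comparison case-insensitive.
  return new RegExp('^' + body + '$', 'i');
}

// Return the allow-list key that admits the address, or undefined.
function findMatch(allow: AllowList, email: string): string | undefined {
  const candidate = email.trim();
  // Require exactly one '@' with a non-empty local part and domain.
  if (!/^[^@\s]+@[^@\s]+$/.test(candidate)) return undefined;
  for (const pattern of Object.keys(allow)) {
    if (patternToRegExp(pattern).test(candidate)) return pattern;
  }
  return undefined;
}
```

An unanchored or unescaped match would admit addresses such as dev@amazeelabs.com.evil.example or dev@amazeelabsXcom, which is why both the anchors and the escaping matter here.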