@rsksmart/express-did-auth
v0.1.7
Published
Authentication with Verifiable Credentials for Express.js
Downloads
6
Readme
npm i @rsksmart/express-did-auth
This module includes a plug and play authentication framework to be used in Express applications, it implements the DID Authentication protocol designed by RIF Identity.
Features
- Sign up flow authenticating user's DID and Verifiable Credentials
- Sign in flow authenticating user's DID
- Authenticate requests using Express middleware
- Log out flow
Usage
This approach will add the following endpoints to your app:
- GET
/request-signup/:did
- POST
/signup
- GET
/request-auth/:did
- POST
/auth
- POST
/refresh-token
- POST
/logout
import express from 'express'
import setupApp from '@rsksmart/express-did-auth'
import { SimpleSigner } from 'did-jwt'
const privateKey = 'c9000722b8ead4ad9d7ea7ef49f2f3c1d82110238822b7191152fbc4849e1891'
const serviceDid = 'did:ethr:rsk:0x8f4438b78c56B48d9f47c6Ca1be9B69B6fAF9dDa'
const serviceSigner = SimpleSigner(privateKey)
const challengeSecret = 'theSuperSecret'
const serviceUrl = 'https://service.com'
const app = express()
const authMiddleware = setupApp({ challengeSecret, serviceUrl, serviceDid, serviceSigner })(app)
app.get('/not-protected', function (req, res) {
res.send('This endpoint is not authenticating')
})
app.get('/protected', authMiddleware, function (req, res) {
res.send('This endpoint is authenticating')
})
const port = process.env.PORT || 5000
app.listen(port, () => logger.info(`My express API with did-auth running in ${port}`))
Check out more configuration options and usage details in our RSK Developers Portal.
Open work
- Formalize and implement Selective Disclosure request standard schema
Test
From base repo directory run npm test
or any of the described test script variants.