npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@v57/noauth

v1.0.3

Published

Zero Knowledge JWT Authorization: Secure Authentication without Storing User Accounts

Downloads

3

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

v57v57

Keywords

jwtauthauthorizationservermiddlewarecrypto

Readme

No Auth

Zero Knowledge JWT Authorization: Secure Authentication without Storing User Accounts

The Zero Knowledge JWT Authorization package is a revolutionary Node.js package that offers a highly secure and privacy-focused approach to user authentication. By leveraging the power of Zero Knowledge Proof (ZKP) cryptography and JSON Web Tokens (JWT), this package allows developers to implement a robust authorization system without the need for storing user accounts on the server.

Traditional authentication systems require servers to store sensitive user account information, including passwords or hashed credentials. However, with the Zero Knowledge JWT Authorization package, this cumbersome and potentially vulnerable step is eliminated. Instead, the server generates unique cryptographic keys for each user during the registration process.

Utilizing Zero Knowledge Proof protocols, the generated keys never leave the client-side environment, ensuring that the server remains completely unaware of the user's credentials. This Zero Knowledge approach guarantees that user data is securely protected, even in the event of a server breach.

The package seamlessly integrates JSON Web Tokens (JWT) to facilitate secure and stateless authorization. The JWTs are generated and signed with the user's unique cryptographic keys. These tokens can then be securely transmitted between client and server for subsequent API requests, serving as proof of authentication.

With Zero Knowledge JWT Authorization, developers can confidently build applications that prioritize user privacy without compromising security. By eliminating the need for server-side storage of user accounts, potential attack vectors and data breaches are significantly reduced. Additionally, the package provides straightforward integration into existing Node.js projects, simplifying the development process.

Key Features:

  • Zero Knowledge Proof (ZKP) cryptography for secure user authentication
  • JSON Web Tokens (JWT) for stateless authorization
  • Eliminates the need for server-side storage of user accounts
  • Enhanced security by preventing server-side data breaches
  • Seamless integration into Node.js applications
  • Developer-friendly API for easy implementation

Embrace a new era of authentication and prioritize user privacy with the Zero Knowledge JWT Authorization package. Say goodbye to the risks associated with storing user accounts on your server and empower your applications with a robust, secure, and privacy-centric authentication solution.

Installation

npm install --save @v57/noauth

Usage

const { auth, getSecret, setServerSecret } = require('@v57/noauth')

// Setting server secret
// Will be stored globally, so auth middleware will be available in any file
setServerSecret('9HoB7GB9yGA5BUNeLe6aB1sx8Jm8PoAgE5gmiEiqTFmD')

// Starting server with auth/create and hello/authorized api
const app = express()
  .disable('x-powered-by').set("etag", false)
  .post('auth/create', (req, res) => {
    const user = newId(16)
    const secret = getSecret(user)
    res.json({ user, secret })
  }).post('hello/authorized', auth, (req, res) => {
    res.json({ message: 'hi', to: req.from })
  }).listen(8080)