npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

authentic

v0.0.3

Published

Authentication for microservices.

Downloads

9

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

dguttmandguttman

Keywords

Readme

Authentic

Authentication for microservices. This is collection of the following modules:

What is it?

Authentic is a collection of modules to help your various services authenticate a user. Put more concretely, Authentic does the following:

  • Allow your users to "sign up", "confirm", "log in", and "change password" with their email address and a chosen password (persisted to a db of your choice), and provide an authentication token (JWT) on successful log in.
  • Easily protect access to your microservice by decrypting a user's authentication token.
  • Help make requests from the browser to authentic-server for sign up/confirm/login/password reset, as well as automatically including the authentication token in requests to your microservices.

Example

Let's pretend you work at ScaleHaus (Uber meets Airbnb for lizards). You have a web app at admin.scalehaus.io (client-side SPA) that is an interface to various microservices (like reporting.scalehaus.io). You want to make sure that only employees with a @scalehaus.io email address have access to your app and microservices. Here's how you can do it:

  1. Create an authentication server with authentic-server available at auth.scalehaus.io.

  2. Add views to admin.scalehaus.io for signup/confirm/login/reset-password and use authentic-client for those actions and for requests to your microservices.

  3. In your microservice(s), e.g. reports.scalehaus.io, use authentic-service to decrypt the authentication token provided in the request and verify the user's identity and that their email ends in @scalehaus.io.

Installation

It's best to install each module individually in the project that needs it. In theory, you could have a single project that needs to be the server, client, and service -- in that case feel free to npm install --save authentic. Otherwise use npm install --save authentic-server, npm install --save authentic-service, or npm install --save authentic-client depending on your project.

In Action

Authentic Server

var fs = require('fs')
var http = require('http')
var Authentic = require('authentic').server

var auth = Authentic({
  db: './userdb',
  publicKey: fs.readFileSync('/rsa-public.pem'),
  privateKey: fs.readFileSync('/rsa-private.pem'),
  sendEmail: function (email, cb) {
    // send the email however you'd like and call cb()
  }
})

http.createServer(auth).listen(1337)
console.log('Authentic Server listening on port', 1337)

Microservice


var http = require('http')
var Authentic = require('authentic').service

var auth = Authentic({
  server: 'https://auth.scalehaus.io'
})

http.createServer(function (req, res) {
  // Step 1: decrypt the token
  auth(req, res, function (err, authData) {
    if (err) return console.error(err)

    // Step 2: if we get an email and it's one we like, let them in!
    if (authData && authData.email.match(/@scalehaus\.io$/)) {
      res.writeHead(200)
      res.end('You\'re in!')

    // otherwise, keep them out!
    } else {
      res.writeHead(403)
      res.end('Nope.')
    }
  })
}).listen(1338)

console.log('Protected microservice listening on port', 1338)

Client Login

var Authentic = require('authentic').client

var auth = Authentic({
  server: 'https://auth.scalehaus.io'
})

var creds = {
  email: '[email protected]',
  password: 'notswordfish'
}

// Step 1: log in
auth.login(creds, function (err) {
  if (err) return console.error(err)

  // Step 2: make a JSON request with authentication
  var url = 'https://reporting.scalehaus.io/report'
  auth.get(url, function (err, data) {
    if (err) return console.error(err)

    // show that report
    console.log(data)
  })
})

License

MIT