authentic-service
v1.0.0
Published
This is the service component of Authentic. This will help decode tokens so that you can authenticate users within a microservice.
Downloads
121
Readme
AuthenticService
This is the service component of authentic. This will help decode tokens so that you can authenticate users within a microservice.
Example
const http = require('http')
const Authentic = require('authentic-service')
const auth = Authentic({
server: 'https://auth.scalehaus.io'
})
http.createServer(function (req, res) {
// Step 1: decrypt the token
auth(req, res, function (err, authData) {
if (err) return console.error(err)
// Step 2: if we get an email and it's one we like, let them in!
if (authData && authData.email.match(/@scalehaus\.io$/)) {
res.writeHead(200)
res.end('You\'re in!')
// otherwise, keep them out!
} else {
res.writeHead(403)
res.end('Nope.')
}
})
}).listen(1338)
console.log('Protected microservice listening on port', 1338)
Installation
npm install --save authentic-service
API
Authentic(opts)
This is the main entry point. Accepts an options object and returns a function that can parse and decrypt tokens from http requests.
const auth = Authentic({
server: 'https://auth.scalehaus.io'
})
// auth is now a function that accepts req, res, and a callback
auth(req, res, function(err, authData) { ... })
options
Authentic()
takes an options object as its first argument, one of them is required:
server
: the url of theauthentic-server
, e.g.'http://auth.yourdomain.com'
Optional:
prefix
: defaults to'/auth'
if you set a custom prefix for yourauthentic-server
, use that same prefix herecacheDuration
: defaults to3600000
(1 hour in milliseconds). To minimize latency and requests, this is how longauthentic-service
will cache theauthentic-server
public key.checkExpiredList
: will check email against the expired list onauthentic-server
, this will reject any token issued before a remote expiration (e.g. password change). This feature must also be enabled onauthentic-server
.
License
MIT