authrite-js
v0.4.36
Published
A system for mutual authentication of two parties over a communications channel
Downloads
754
Readme
authrite-js
JavaScript client for Authrite
The code is available on GitHub and the package is published on NPM.
Overview
Authrite is a system for mutual authentication over a communications channel where both parties come to know the identity of the counterparty. authrite-js provides an API for making authenticated HTTP requests from a client to a server that uses the authrite-express middleware.
During setup, the client asks for some basic information from the server and provides their identity key. The server sends back a reply, proving custody over the identity key they send back. Then, every message sent between the two parties is signed and verified, enabling everyone to have confidence in message integrity. Messages are not encrypted by Authrite, but encryption is provided by HTTPS.
Installation
npm i authrite-js
Example HTTP Usage
This example demonstrates sending a simple request sent with authrite-js
const { Authrite } = require('authrite-js')
// Authrite required parameters
const TEST_CLIENT_PRIVATE_KEY =
'0d7889a0e56684ba795e9b1e28eb906df43454f8172ff3f6807b8cf9464994df'
const init = async () => {
// Create a new instance of the Authrite class
// Provide the server baseUrl, and your private identity key
const authrite = new Authrite({
clientPrivateKey: TEST_CLIENT_PRIVATE_KEY
})
// Construct a payload to send as the body of your request
const body = {
user: 'Bob',
message: 'message from client'
}
// Create a new request to the server
const response = await authrite.request('http://localhost:5000/sendSomeData', {
body,
method: 'POST',
headers: {
'Content-Type': 'application/json'
}
})
// Retrieve the response from the server
const responseData = JSON.parse(Buffer.from(response.body).toString('utf8'))
}
init()
Example WebSocket Usage
const { Authrite } = require('authrite-js')
// Authrite required parameters
// Note: The MetaNet Client can be used as a signing strategy as well
const TEST_CLIENT_PRIVATE_KEY =
'0d7889a0e56684ba795e9b1e28eb906df43454f8172ff3f6807b8cf9464994df'
const init = async () => {
// Create a new instance of the Authrite class
// Provide the server baseUrl, and your private identity key
// And make a connection request to the server with an open socket connection
const io = await new Authrite({
clientPrivateKey: TEST_CLIENT_PRIVATE_KEY
}).connect('http://localhost:3000')
// Setup an event handler
io.on('chatMessage', (msg) => {
// Mutual authentication has already happened at this point
console.log(msg.text)
})
// Send a message to the server to get a response
// Note: The server side must be configured correctly to receive a response
await io.emit('chatMessage', { text: 'Hello server!' })
}
init()
API
Table of Contents
Authrite
Client-side API for establishing authenticated server communication
Parameters
$0
Object (optional, default{}
)$0.clientPrivateKey
$0.initialRequestPath
(optional, default'/authrite/initialRequest'
)$0.signingStrategy
(optional, default'Babbage'
)$0.certificates
(optional, default[]
)
obj
object All parameters are given in an object.
request
Creates a new signed authrite request and returns the result
Parameters
requestUrl
String The URL to request on an Authrite-enabled serverfetchConfig
object Config object passed to the Fetch API. The current version of Authrite only supports JSON structures for the fetch body. However, you can include a Buffer as part of the json object. (optional, default{}
)
Returns object The response object. Fields are 'status', 'headers' and 'body' (containing an ArrayBuffer of the HTTP response body)
connect
Support initializing a socket connection to a server Currently implemented as a drop-in replacement for the socket.io wrapper of WebSockets
Parameters
connectionUrl
string the url of the server to connect to over web socketsconfig
object standard socket.io configuration param (optional, default{}
)
on
Configures custom client events for incoming server websocket events
Parameters
emit
Emits a message to a connected server over web sockets
Parameters
addCertificate
Parameters
certificate
object Certificate produced by createCertificate to be added to the cache.
License
The license for the code in this repository is the Open BSV License.