npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

cimpress-express-auth0

v4.1.0

Published

Express middleware designed for managing a web application's interactions with the Auth0 SDK.

Downloads

3

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

dpurringtondpurringtondtoccodtocco

Keywords

auth0oauthexpressmiddleware

Readme

Build Status

Only building on node 8. Not using yarn anymore

cimpress-express-auth0

Express.js middleware designed for managing a web application's interactions with the Auth0 SDK.

Installation

npm install cimpress-express-auth0 --save, or

yarn add cimpress-express-auth0

Usage

Auth0 Verification

The config object passed in must have the following sections and fields:

var config = {
  secret: 'The client secret, only needed for OAuth v1',
  clientId: 'Your own client id, only needed for OAuth v1',
  domain: 'The token issuer w/o https:// or the trailing /',
  realm: 'The realm of the token, used in the challenge headers, full url (w/ https:// and  trailing /)',
  jwksUrl: 'The url to retrieve the jwk from, only needed for OAuth v2',
  audience: 'The audience for the auth token',
  enableV1: 'Should auth v1 be enabled (defaults to true), not required',
  preferRequestLogger: 'Should use a logger on the request object, not required',
  excludedRoutes (OPTIONAL): [  // Routes that shouldn't be protected by Auth0
    {
      url: '/healthcheck',  // Supports a regex as well
      methods: ['GET'],   // Optional, if none specified then assumes all methods shouldn't   use auth0
    },
  ],
};

This library also supports the 'express-unless' library.

You must also pass in a cache object, used for only OAuth v2, with the following two functions:

- get(string key) { // Must return a promise
    return (The value associated with the key);
  }
- set(string key, string value, int TTL) {
    return;
  }
const auth = require('cimpress-express-auth0');
const express = require('express');
const config = require('./config');
const cache = require('./cache');

const logger = console;
const app = express();

auth(app, config, logger, cache).then(() => {
  app.get('/healthcheck', someHealthcheckController);
  app.listen(3000);
});

Secret Management

We highly recommend against keeping values such as your secret as plain text in any configuration. Instead you should use some kind of secure secrets manager. One recommended library is the [aws-secrets] library (https://github.com/Cimpress-MCP/aws-secrets).

Development

We are using semantic-release with AngularJS Git Commit Message conventions. Please ensure that you use that commit message format so that publishing happens as needed. We recommend using commitizen for that.