npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

easy-auth-module

v1.0.2

Published

Personal auth api module using jwt for express/fastify

Downloads

15

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

dimtzilopoylosdimtzilopoylos

Keywords

Readme

easy-auth-module

easy-auth-module is a flexible and easy-to-use authentication module for Node.js applications, designed to handle user authentication, authorization, and related tasks with minimal setup.

Note: This package is primarily intended for personal usage. Feel free to try it out, but be aware that it might not be suitable for all production scenarios.

Installation

Install the package via npm:

npm install easy-auth-module

Usage

Basic Setup with Fastify

import fastify from "fastify";
import Authenticator from "easy-auth-module";
import db from "./db";
import path from "path";

const app = fastify({ logger: true });

const authModule = new Authenticator({
  prefix: "/api/v1/auth",
  http: { type: "fastify", adapter: app },
  auth: {
    identityField: "email",
    credentialsField: "password",
    findUserByIdentifier: (identifier) => db.findOne({ email: identifier }),
    createUser: (data) => db.create(data),
    updateUserPassword: (identifier, password) =>
      db.update({ set: { password }, where: { email: identifier } }),
    verifyUser: (identifier) =>
      db.update({ set: { verified: true }, where: { email: identifier } }),
    refreshTokenConfig: {
      secret: "refreshtokensecret",
      expirationInSeconds: 60 * 60,
      property: "refreshToken",
    },
    accessTokenConfig: {
      secret: "accesstokensecret",
      expirationInSeconds: 5 * 60,
      property: "accessToken",
    },
  },
  mailOptions: {
    host: "mail.example.com",
    port: 25,
    auth: {
      user: "[email protected]",
      pass: "mysupersecretpassword",
    },
    tls: {
      rejectUnauthorized: false,
    },
    secure: false,
    verification: {
      disabled: false,
      ttl: 60 * 60 * 24,
      template: path.join(__dirname, "templates", "verify.ejs"),
      from: "[email protected]",
      subject: "Verify your account",
      baseUrl: "https://www.my-ui-app.com/verify-my-account",
    },
    forgotPassword: {
      disabled: false,
      ttl: 60 * 60 * 24,
      template: path.join(__dirname, "templates", "forgot-password.ejs"),
      from: "[email protected]",
      subject: "Reset your password",
      baseUrl: "https://www.my-ui-app.com/reset-password",
    },
  },
});

app.get(
  "/protected",
  { preHandler: authModule.isAuthenticated() },
  async (req: any, res: any) => {
    return { message: `Hi ${req.authContext.email}` };
  }
);

app.listen({ host: "localhost", port: 8000 });

Basic Setup with Express

import express from "express";
import Authenticator from "easy-auth-module";
import db from "./db";
import path from "path";
import bodyParser from "body-parser";

const app = express();
app.use(bodyParser.json());

const authModule = new Authenticator({
  prefix: "/api/v1/auth",
  http: { type: "express", adapter: app },
  auth: {
    identityField: "email",
    credentialsField: "password",
    findUserByIdentifier: (identifier) => db.findOne({ email: identifier }),
    createUser: (data) => db.create(data),
    updateUserPassword: (identifier, password) =>
      db.update({ set: { password }, where: { email: identifier } }),
    verifyUser: (identifier) =>
      db.update({ set: { verified: true }, where: { email: identifier } }),
    refreshTokenConfig: {
      secret: "refreshtokensecret",
      expirationInSeconds: 60 * 60,
      property: "refreshToken",
    },
    accessTokenConfig: {
      secret: "accesstokensecret",
      expirationInSeconds: 5 * 60,
      property: "accessToken",
    },
  },
});

app.get("/protected", authModule.isAuthenticated(), async (req, res) => {
  return res.json({ message: `Hi ${req.authContext.email}` });
});

app.listen(8000, () => {
  console.log("Server is running on port 8000");
});

The /protected route is protected by the isAuthenticated middleware provided by authModule. If the user is not authenticated, it respondes with an unauthorized error. You can access the authenticated user's data by req.authContext anywhere you use authModule.isAuthenticated() middleware.

Features

  • Flexible Configuration: Customize authentication settings to fit your application's requirements.
  • Integration with Fastify/Express: Seamlessly integrate with Fastify or Express for efficient handling of authentication routes and middleware.
  • Token Management: Generate access and refresh tokens with configurable expiration times and properties.
  • Email Verification: Enable email verification for new user accounts, with customizable email templates and verification URLs.
  • Password Reset: Implement password reset functionality with customizable email templates and reset URLs.

API

Authenticator

  • Authenticator(options): Constructor function to create a new instance of the Authenticator.
Options
  • prefix: The base URL prefix for authentication routes.
  • http: Configuration for HTTP server integration (supports Fastify).
  • auth: Configuration options for authentication behavior.
  • mailOptions: Configuration options for email communication, including verification and password reset emails.

Custom Email Templates (Recommended)

For the forgotPassword and verification features, you can customize the email templates (providing their path in the config).Below you can see example payloads enhanced with forgotPassword as well as verification properties. Ensure that your email templates are .ejs files.

// Example of template data for forgotPassword feature:
{
  "email": "[email protected]",
  "name": "John Doe",
  "forgotPassword": {
    "url": "https://www.my-ui-app.com/reset-password?token=resetToken123"
  }
}

// Example of template data for verification feature:
{
  "email": "[email protected]",
  "name": "John Doe",
  "verification": {
    "url": "https://www.my-ui-app.com/verify-account?token=verificationToken123"
  }
}

Authentication Endpoints

GET {prefix}

Get the authenticated user

Headers

Authorization (string, required): Bearer token containing the access token.

POST {prefix}/register

Registers a new user with the provided credentials.

Request Body

  • email (string, required): The email address of the user (it has to match the identifyField in config).
  • password (string, required): The password for the user account (it has to match the credentialsField in config).
  • ...: anything else that you can handle in the createUser callback

POST {prefix}/login

Logs in a user with the provided credentials and returns access and refresh tokens.

Request Body

  • email (string, required): The email address of the user (it should match the identifyField in config).
  • password (string, required): The password for the user account (it should match the credentialsField in config).

POST {prefix}/refresh-token

Refreshes the access token using the provided refresh token.

Request Body

  • refreshToken (string, required): it should match the property field inside refrshTokenConfig.

GET {prefix}/verify/:token

Verifies the user's account using the verification token.

Path Parameters

  • token (string, required): The verification token sent to the user's email address.

POST {prefix}/verify

Retry sending a verification email. This operation will fail if there is already an active token that didn't expired (ttl field in mailOptions.verification)

Request Body

  • email (string, required)

POST {prefix}/forgot-password

Initiates the password reset process by sending a reset link to the user's email address.

Request Body

  • email (string, required): The email address of the user.

POST {prefix}/forgot-password/:token

Resets the user's password using the reset token and the new password.

Path Parameters

  • token (string, required): The reset token sent to the user's email address.

Request Body

  • password (string, required): The new password for the user account.
  • verifyPassword (string, required): has to match the password field.

POST {prefix}/change-password

Resets an authenticated user's password.

Headers

Authorization (string, required): Bearer token containing the access token.

Request Body

  • oldPassword (string, required): The user's old password.
  • password (string, required): The new password for the user account.
  • verifyPassword (string, required): has to match the password field.