npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

express-auth-flow

v1.0.10

Published

Express authentication flow based on jwt

Downloads

15

Readme

Express-Auth-Flow

Express-auth-flow is a package for authentication flow based on jwt. It was created to be used with Express.js and Mongodb. The functionalities that this package offer are: signup, login, logout, update password, forgot passwrod and logout.

Install

# with npm
npm install express-auth-flow

# with yarn
yarn add express-auth-flow

Usage

First you must create a model for your users with any name you want, and must have at least the below fields (the names must be exactly the same)

  • email
  • username
  • password

A very basic example is demonstrated below using mongoose (It is highly recommended to validate every field)

//Model file
const mongoose = require("mongoose");
const { Schema } = mongoose;

const userSchema = new Schema({
    email: String,
    username: String,
    password: String
})

module.exports = mongoose.model("User", userSchema);

Now in you router file you must require your user's model and the express-auth-flow, and make routes as below. The paths must be the same in order the package to recognize them. The emails are sent via sendgrid and you must login for a free account and create an api key(Settings -> API Keys). The options argument are:

  • apiKey: The key that you have created from sendgrid
  • from: Your company's/app's email(It must be the one that you have verified on sendgrid)
  • subject: The email's subject
  • text: The raw message
  • html: The message formated with html

An example is demonstrated below

//Router file
const express = require("express");

const User = require("../model/userModel");
const auth = require("express-auth-flow");

const router = express.Router();

options = {
    apiKey: process.env.SENDGRID_API_KEY,
    from: "[email protected]",
    subject: "Reset token",
    text: "This is a test",
    html: "<h1>This is a test</h1>"
}

router.post("/signup", auth(User).signup);
router.post("/login", auth(User).login);
router.post("/update-password", auth(User).updatePassword);
router.post("/forgot-password", auth(User, options).forgotPassword);
router.post("/reset-password/:token", auth(User).resetPassword);

module.exports = router;

Request

Now lets analyze the response that expected from every route

/signup

{
    email: "an email",
    username: "the user's username",
    password: "the user's password",
    confirmPassword: "confirmation password. Not stored in DB"
}

/login

{
    email: "user's email"
    password: "the user's password"
}

/logout

No input

/update password

{
    email: "user's email",
    password: "the user's old password",
    newPassword: "the user's new password",
    confirmPassword: "confirmation password. Not stored in DB"
}

/forgot password

{
    email: "user's email"
}

/reset password

{
    password: "the user's new password",
    confirmPassword: "confirmation password. Not stored in DB"
}

Notice

The forgot password functionality works like this: First the user goes to /forgot-password route and fills their email. Then an email is sent to the provided email with a reset token link that is valid for 10 minutes and when the user redirects to that link must provide the password and the confirmPassword in order to change their password.

Response

All the responses are json objects with status and message keys. In login's response the json object contains a key named token which is sent for the succesful login. In addition the login response send a cookie, this is for the frontend functionality. Finally, the logout is only for the frontend functionality as it deletes the cookie and the user is logged out.

login response

{
    "status": "Success",
    "token": "a token tha will be sent as a response"
}

Contact

For any error/bug or just to say hello, feel free to send me at this email: [email protected]