polar-auth
v0.1.3
Published
standard auth helpers and middlware for polar
Downloads
2
Readme
polar-auth
Config
jwt_secret
(required): Secret key for JWT token encodingid_key
: Key for ID on User object (default "_id")login_key
: Key to check alongside password on User object (default "email")
Functions
getUser(user_query, cb)
(required): Get a user with a query object e.g.{[login_key], password}
or{[id_key]}
createUser(new_user, cb)
: Create a new user (for signup)updateUser(user_id, user_update, cb)
: Update a user given an ID (for password reset)sendEmail(email_name, email_params, cb)
: Send an email to a user, e.g. for resetting their password.
Usage
Instantiate by requiring polar-auth
and passing a config object (or multiple config objects)
polar_auth = require 'polar-auth'
config.auth = {jwt_secret: "8s8dmfas8df..."}
auth = polar_auth config.auth, {getUser, createUser, updateUser, sendEmail}
The resulting auth object has a number of middleware and route functions:
auth.jwt_middleware
: A middleware function that usesgetUser
to check if a user is logged in, assigning the result tores.locals.user
.auth.requireLogin
: A middleware function that checks ifres.locals.user
is defined, and redirects to/
otherwise.auth.showLogin
: A route function that shows the login page (which also contains signup, forgot, and reset views).auth.doLogin
: A route function that logs a user in.auth.doSignup
: A route function that signs a new user up.auth.doForgot
: A route function that sends a forgot password email.auth.doReset
: A route function that resets a user's password.auth.doLogout
: A route function that clears the user from the session and redirects to/
.
Full Example
polar = require 'polar'
polar_auth = require 'polar-auth'
somata = require 'somata'
config = require './config'
client = new somata.Client
DataService = client.bindService 'myproject:data'
auth = polar_auth config.auth, {
getUser: (user_query, cb) -> DataService.getUser user_query, cb
id_key: 'id' # Using postgres instead of mongo
}
app = polar config.app,
middleware: [auth.token_middleware]
app.get '/', auth.requireLogin, (req, res) ->
res.render 'app'
# Using all the available routes
app.get '/login', auth.showLogin
app.post '/login.json', auth.doLogin
app.post '/signup.json', auth.doSignup
app.post '/forgot.json', auth.doForgot
app.post '/reset.json', auth.doReset
app.get '/logout', auth.doLogout