spike-auth-middleware
v1.1.6
Published
This REPO is a Spike npm module that can be used to recieve an Authorization Bearer Token express.js middleware to allow certain scopes to certain endpoints.
Downloads
83
Readme
Spike npm module: "spike-auth-middleware"
This REPO is a Spike npm module that can be used to recieve an Authorization Bearer Token express.js middleware to allow certain scopes to certain endpoints.
Usage
const path = require("path");
const { getSpikeAuthMiddleWare } = require("spike-auth-middleware");
const configuration = {
audience: 'audience',
allowedScopes: ["read"],
pathToPublicKey: path.resolve(__dirname, 'relative/path/to/certificate')
};
const allowForReadScopeOnly = getSpikeAuthMiddleWare(configuration);
// express.js code:
app.get('/', allowForReadScopeOnly, (req,res,next) => {
res.status(200).send('allowed for read scope');
})
Options For getSpikeAuthMiddleWare
- audience: (String) audience to demand in JWT payload
- pathToPublicKey: full path to public key to authenticate JWT signature with
- allowedScopes: (Array) list of all allowed scopes in this middleware - default: ["read"]
- useBearerToken: (Boolean) set to true if Authorization header should start with 'Bearer' - default: true