JSPM

@frani/easy-no-password

2.0.4
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 10
  • Score
    100M100P100Q61944F
  • License MIT

Generates secure, timestamped tokens for passwordless authentication without a database backend.

Package Exports

  • @frani/easy-no-password

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@frani/easy-no-password) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

Easy No Password

The increasing scrutiny over weak passwords has been leading more and more developers to opt for passwordless login flows and two-factor authentication.

Passwordless login and two-factor authentication usually involve emailing or texting a unique token to a user, and giving them a certain amount of time to enter that token into the login screen.

This library is unique because it uses cryptography techniques to generate timestamped tokens, eliminating the need for a database to store tokens. The tokens themselves contain all the information needed to check for their validity.

Installation

$ npm install  @frani/easy-no-password

Quick Start

const enp = require('@frani/easy-no-password')

// Creating a token
let userid = 'frani'
let secret = 'shh-this-is-our-secret'
let token = await enp.create(userid, secret) // '8ejx73k9z01'

// Validating a token
let token = '8ejx73k9z01'
let userid = 'frani'
let secret = 'shh-this-is-our-secret'
let validated = await enp.validate(token, userid, secret) // TRUE or FALSE

More Details

The tokens are 64-bit values encoded into 10-11 ASCII characters. Tokens are generated with a millisecond timestamp resolution. This means that with the default window of 15 minutes, at any point in time, 9e5 tokens are valid out of a total space of 2^64 (0.000000000005%).

Contributing

Contributions are welcome. Before submitting a pull request, please check for errors by running the tests and the JavaScript linter.

$ cd /path/to/easy-no-password
$ npm run test
$ npm run lint

Please also run your changes with an newer version of Node.js; this library supports from to Node.js version 10.x Github Actions will fail if you write code incompatible with Node.js version 10.x

License

MIT

Inspiration

sffc's repository