JSPM

@tejaskumar/express-basic-auth

6.0.1
  • License MIT

express middleware to perform http basic authentication

Package Exports

  • @tejaskumar/express-basic-auth

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@tejaskumar/express-basic-auth) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

Express middleware for basic authentication

Prerequisites

  • express based webserver
  • mysql (knex compatible) database (see @pubcore/knex-auth)

Features

  • supports two types of users: SYSTEM and HUMAN
  • sets a user object on the express req object (if authentication succeeded)
  • always serves "401 Unauthorized" and the cancel URI, if no credentials are sent
  • always serves "401 Unauthorized" and the cancel URI, if the user is not found
  • calls express "next", if username and password are ok
  • redirects to the "deactivated" page, if a wrong password was used too often within a time window (105ms)
  • redirects to the "deactivated" page, if the user's last login was a long time ago
  • updates the last-login timestamp once within a defined time frame
  • redirects to the change password page (including a back-uri), on the first request of a new user
  • redirects to the change password page (including a back-uri), if the password is expired
  • supports a secondary password for SYSTEM users
  • sets a flag on the user object (oldPwUsed), if a secondary password exists but the old password has been used
  • optional support of login by JsonWebToken cookie (Jwt), enabled if option "jwtKeyFile" is available

activity diagram

Configuration options (set on server startup)

    const
        options = {
            publicCancelLoginUri:'/login/canceled',
            publicDeactivatedUri:'/login/deactivated',
            changePasswordUri:'/login/pwchange',
            maxTimeWithoutActivity: 1000 * 60 * 60 * 24 * 180,//[msec]
            maxLoginAttempts:10,
            maxLoginAttemptsTimeWindow:1000 * 3600 * 24,//[msec]
            minTimeBetweenUpdates:1000 * 3600,//[msec]
            jwtKeyFile:'/run/secret/jwt-key.txt' //optional
        },
        table = 'user'

Example

    const
        express = require('express'),
        Knex = require('knex'),
        createLoginMiddleware = require('@pubcore/express-basic-auth').default,
        options = {
            changePasswordUri:'/login/pwchange',
            publicDeactivatedUri:'/login/deactivated',
            publicCancelLoginUri:'/login/canceled',
            maxTimeWithoutActivity: 1000 * 60 * 60 * 24 * 180,//[msec]
            maxLoginAttempts:10,
            maxLoginAttemptsTimeWindow:1000 * 3600 * 24,//[msec]
            minTimeBetweenUpdates:1000 * 3600,//[msec]
        },
        table = 'user',
        // knex exports a factory function; call it with the connection config
        knex = Knex({
            client: 'mysql', connection: {/* see knex*/}
        }),
        db = {knex, table}

    // create the middleware once at startup and mount it on the routes to protect
    const login = createLoginMiddleware({db, options})
    const router = express.Router()
    router.all('/', login)
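
The decision flow in the Features list, driven by the Configuration options, can be modelled as a pure function. This is an added example, not the package's source code: the user fields (`pw`, `failedAttempts`, `lastFailedAt`, `lastLoginAt`, `passwordExpiresAt`), the `findUser`/`verifyPassword` callbacks, the order of the checks and the 401 for a wrong password below the limit are all assumptions.

```javascript
// Added model of the feature list above; not the package's source code.
// Assumed names: user fields failedAttempts, lastFailedAt, lastLoginAt,
// passwordExpiresAt; callbacks findUser and verifyPassword.
function parseBasic(header) {
  const m = /^Basic +([A-Za-z0-9+/]+=*)$/i.exec(header || '');
  if (!m) return null;
  const text = Buffer.from(m[1], 'base64').toString('utf8');
  const i = text.indexOf(':'); // only the first colon splits; passwords may contain ':'
  return i < 0 ? null : { username: text.slice(0, i), password: text.slice(i + 1) };
}

function decide({ header, findUser, verifyPassword, options, now }) {
  const o = options;
  const denied = { status: 401, cancelUri: o.publicCancelLoginUri };
  const cred = parseBasic(header);
  const user = cred && findUser(cred.username);
  if (!user) return denied; // same answer for "no credentials" and "unknown user"
  const recentFail = user.lastFailedAt != null &&
    now - user.lastFailedAt < o.maxLoginAttemptsTimeWindow;
  if (recentFail && user.failedAttempts >= o.maxLoginAttempts)
    return { redirect: o.publicDeactivatedUri }; // locked even if the password is right
  const firstLogin = user.lastLoginAt == null; // new user: skip the inactivity check
  if (!firstLogin && now - user.lastLoginAt > o.maxTimeWithoutActivity)
    return { redirect: o.publicDeactivatedUri };
  // Assumption: a wrong password below the limit is answered like any other 401.
  if (!verifyPassword(user, cred.password)) return { ...denied, countFailure: true };
  if (firstLogin || now >= user.passwordExpiresAt)
    return { redirect: o.changePasswordUri };
  return { next: true, touch: now - user.lastLoginAt >= o.minTimeBetweenUpdates };
}

// Constructed sample data (option values mirror the options block on this page).
const DAY = 1000 * 3600 * 24, NOW = 400 * DAY;
const options = {
  publicCancelLoginUri: '/login/canceled', publicDeactivatedUri: '/login/deactivated',
  changePasswordUri: '/login/pwchange', maxTimeWithoutActivity: 180 * DAY,
  maxLoginAttempts: 10, maxLoginAttemptsTimeWindow: DAY, minTimeBetweenUpdates: 1000 * 3600,
};
const users = new Map(Object.entries({
  alice: { pw: 'a:b', failedAttempts: 0, lastFailedAt: null, lastLoginAt: NOW - DAY, passwordExpiresAt: NOW + DAY },
  locked: { pw: 'x', failedAttempts: 10, lastFailedAt: NOW - 1000, lastLoginAt: NOW - DAY, passwordExpiresAt: NOW + DAY },
  stale: { pw: 'x', failedAttempts: 0, lastFailedAt: null, lastLoginAt: NOW - 200 * DAY, passwordExpiresAt: NOW + DAY },
  fresh: { pw: 'x', failedAttempts: 0, lastFailedAt: null, lastLoginAt: null, passwordExpiresAt: NOW + DAY },
}));
const basic = (u, p) => 'Basic ' + Buffer.from(`${u}:${p}`).toString('base64');
const run = (header) => decide({
  header, options, now: NOW, findUser: (name) => users.get(name),
  verifyPassword: (user, pw) => pw === user.pw, // stand-in for a password-hash check
});
console.log(run(basic('alice', 'a:b')), run(basic('locked', 'x')), run(undefined));
```

In this model the lockout and inactivity checks run before password verification, so a locked account is redirected even when the correct password is supplied.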