JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 308
  • Score
    100M100P100Q86108F
  • License MIT

This is the service component of Authentic. This will help decode tokens so that you can authenticate users within a microservice.

Package Exports

  • authentic-service
  • authentic-service/index.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (authentic-service) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

AuthenticService

This is the service component of authentic. This will help decode tokens so that you can authenticate users within a microservice.

Example

const http = require('http')
const Authentic = require('authentic-service')

const auth = Authentic({
  server: 'https://auth.scalehaus.io'
})

http.createServer(function (req, res) {
  // Step 1: decrypt the token
  auth(req, res, function (err, authData) {
    if (err) return console.error(err)

    // Step 2: if we get an email and it's one we like, let them in!
    if (authData && authData.email.match(/@scalehaus\.io$/)) {
      res.writeHead(200)
      res.end('You\'re in!')

    // otherwise, keep them out!
    } else {
      res.writeHead(403)
      res.end('Nope.')
    }
  })
}).listen(1338)

console.log('Protected microservice listening on port', 1338)

Installation

npm install --save authentic-service

API

Authentic(opts)

This is the main entry point. Accepts an options object and returns a function that can parse and decrypt tokens from http requests.

const auth = Authentic({
  server: 'https://auth.scalehaus.io'
})

// auth is now a function that accepts req, res, and a callback
auth(req, res, function(err, authData) { ... })

options

Authentic() takes an options object as its first argument, one of them is required:

  • server: the url of the authentic-server, e.g. 'http://auth.yourdomain.com'

Optional:

  • prefix: defaults to '/auth' if you set a custom prefix for your authentic-server, use that same prefix here
  • cacheDuration: defaults to 3600000 (1 hour in milliseconds). To minimize latency and requests, this is how long authentic-service will cache the authentic-server public key.
  • checkExpiredList: will check email against the expired list on authentic-server, this will reject any token issued before a remote expiration (e.g. password change). This feature must also be enabled on authentic-server.

License

MIT