@rss/auth NPM | npm.io

@rss/auth

Helper library for working with token server.
rss token authenticatoin strategy for passport.

Installation

$ npm install @rss/auth

Server Usage (express.js)

Initialize

TokenHelper must be initialize before first using any method on it or passing it into the strategy.

const TokenHelper = require('@rss/auth').TokenHelper;

TokenHelper.initialize({
  tokenClientName: config.TOKEN_CLIENT_NAME,
  tokenClientKey: config.TOKEN_CLIENT_KEY,
  tokenServerURL: config.TOKEN_SERVER_URL
});

Available Options

TokenHelper initialize takes an hash value with the following options.

tokenClientName - Required, client name registered with the token server
tokenClientKey - Required, client key for the token server
tokenServerURL - Required, url location of the token server
redis - Optional, configuration options for redis. if this is not defined then fallback to using memory-cache

Configure Strategy

The rss authentication strategy authenticates users using a token passed in on the reqeust header. The strategy requires a verify callback, which accepts valid decoded token and calls done providing a user.

passport.use(new RssStrategy({ tokenHelper: TokenHelper }, function(decodedToken, done) {
    // load user
    const user = decodedToken;
    return done(null, user);
}));

Available Options

This strategy takes an hash value with the following options

tokenHelper - Required, TokenHelper after its been initialize

Authenticate Requests

Use passport.authenticate(), specifying the 'rss' strategy, to authenticate requests.

app.post('/api/sample', 
  passport.authenticate('rss', { session: false }),
  function(req, res) {
    res.redirect('/');
  });

Available Options

This strategy takes an hash value with the following options

session - Options, save user to session - should be set to false
usage - Optional, what token type is acceptable. Default to all but can limit to CLIENT or USER

Token Helper API

TokenHelper.clientToken()

Get a clientToken to use for communicating to other services.

TokenHelper.clientToken().then(clientToken => {
  // clientToken can now be use for request
})

Client Usage (angular)

Initialize

Client.checkIfAuthenticated should be call in the app.component

import { Client } from '@rss/auth/angular/client';

export class AppComponent {
  ngOnInit() {
    Client.checkIfAuthenticated(this.location, 'URL_TO_AUTHENTICATE_USER').then(() => {
      // user is authenticated - load profile
    });
  }
}