@usemirrorworld/server.utils NPM

Approval Middleware

This middleware is used to authorize actions executed by users. This prevents external entities from performing actions on behalf of users. The way it works is that the user approves an action, which creates a token that is valid for 60 seconds on the Mirror World SSO.

This token should then be used to authenticate the user's action on the target service.

Installation

yarn add @mirrorworld/approval.middleware

Usage

import myRedisClient from "../path/to/redis"
import { ActionApprovalClient } from "@mirrorworld/approval.middleware"

const secret = process.env.MY_JWT_SECRET
const algorithm = process.env.MY_JWT_ALGORITHM

// 1. Create Action approval client
const approvalClient = new ActionApprovalClient({
  redisClient: myRedisClient,
  jwt: {
    secret: secret,
    algorithm: algorithm
  }
})

// 2. Create middleware instance
const approvalMiddleware = approvalClient.createValidateActionMiddleware("x-authorization-token")

// 3. Add middleware to request
router.post("/v1/transfer", approvalMiddleware, async (req, res, next) => {
  // Execute authorized action transfer
})

mirrorworld node sdk

@babel/runtime @google-cloud/bigquery consola device-detector-js express jsonwebtoken redis

@everything-registry/sub-chunk-971 @usemirrorworld/approval.middleware

1.3.1

1 year ago