alex-auth v3.0.1

{ oauth2: { //Use mandatory client secret in the auth request useClientSecret: false, //Enables authentications strategies authentications: 'basic', 'bearer', //Enables authorizations grants grants: 'client_credentials', 'password', 'refresh_token', 'authorization_code' }, validation: { //Enables input validation enabled: false, //Regexp for username username: /^\w.{2,100}$/g, //Regexp for password password: /^(?=.A-Za-z)(?=.\d)(?=.[.)(=,|$@$!%#?&])A-Za-z\d.)(=, | $@ $!%*#?&{8,255}$/g, //Regexp for client name clientId: /^\w.{2,100}$/g, //Regexp for client secret clientSecret: /^(?=.A-Za-z)(?=.\d)(?=.[.)(=,|$@$!%#?&])A-Za-z\d.)(=, | $@ $!%*#?&{8,255}$/g, }, user: { //Users' password are crypted and compared by the specified mode below passwordEnc: 'bcrypt' //bcrypt|crypto|none }, ldap: { //Enable LDAP user binding enabled: false, //Search filters, ex. (|(cn=)(mail=)) authAttributes: 'cn', 'mail', //Returned attribute after search (returned value must match with username column for a successful login) returnAttribute: 'dn', //Ldapper module configuration ldapper: null }, //Crypton module configuration crypton: null, token: { //Token life in seconds life: 3600, //Token length in bytes length: 32, //bytes //Delete active tokens on login autoRemove: true, jwt: { //Enables jwt token instead the standard token enabled: false, //Check if IP caller are the same of jwt IP when it was created ipcheck: false, //Check if user-agent caller are the same of jwt user-agent when it was created uacheck: false, //Secret key for signing jwt token secretKey: 'K7pHX4OASe?c&lm' } } }