arac-authorize v0.0.40
arac-authorize
Installation
Before installing, download and install Node.js. Node.js 16.0.0 or higher is required.
npm install arac-authorize --save
Setup
For the initial setup we need to setup a config object which is needed by the package to work smoothly.
- EmailTransportConfig is needed to setup the email server
- EncyptConfig is needed for encrptying the otp key obtained with aes-256 for which a private key and IVString is needed
- SMSTransportConfig is needed to setup the message service
- StoreConfig provides the configuration for storing the user Sessions
- OTPConfigText takes in the email Template (also supports HTML)
- AppliactionPrivilege is a list of static priviledges that the application supports
- UserManagerConfig is needed for managing the user details by the user management package
import { configure, Auth } from "arac-authorize";
const config = {
EmailTransportConfig: {
EmailFrom: 'email-from',
Host: 'email-server-used-for-email-otp',
Password: 'email-server-password',
Username: 'email-server-username',
OTPConfigText: 'Template for the Mail',
Type: 'smtp',
},
EncyptConfig: {
PrivateKey: 'CRYPT_PASSWORD',
IVString: 'dfghyoprdertyijbackancnakcnacnkacnkajdcnkajsdnkjsdnk',
},
SMSTransportConfig: {
OTPConfig:{
AppID: 'string',
AppKey: 'string',
from: 'string',
serviceProvider: 'SMSServiceProvider',
}
},
StoreConfig: {
URL: 'redis://default:redispw@localhost:55000'
},
OTPConfigText:'string',
ApplicationPriviledge:[
{
key: 'May_Create_User',
name: 'May Create User',
description: 'Has Permission to Create User',
}
],
UserManagerConfig:{
Username: 'string',
Password: 'string',
Port: 'string',
DBName: 'string',
}
};
const auth: Auth = configure(config);
Generate OTP
// Send OTP to email, key will need to pass to validate the OTP
const key = await auth.authenticateByEmailOTP('your-email@host-email.com');
// OR
const key = await auth.authenticateBySMSOTP('9999999999');
Generate Session Id
Validate OTP by sending the otp, key, Type of verification (phone or email), expiration time of the session (in ms) and user (optional), create session and return Session ID, use session id to validate user session
Type of verification is an object which takes in the mode of verification (email or phone are currently supported) as enum and the value as a string
The object OTPTransporter looks like:
OTPTransporter = {
type:OTPTransportIdentifierType.phone,
value:'999999999'
}
OTPTransportIdentifierType enum has values
OTPTransportIdentifierType{
email = 'email'
phone='phone'
}
Sample for getting a session object
/**
* OTPTransporter = {
* type:OTPTransportIdentifierType.phone,
* value:'999999999'
* }
*/
const session = await auth.loginWithOTP(otp, key,OTPTransporter, 10000, user);
// OR
const session = await auth.loginWithUsernamePassword(otp, key,OTPTransporter, 10000, user)
Is Session Active
// Validate user session with the sessionId
const isValidSession = await auth.validateUserSession(session.sessionId);
Is User Authorized
Sample priviledge object
priviledge = {
key: 'May_Create_User',
name: 'May Create User',
description: 'Has Permission to Create User',
}
Sample for checking access for required priviledges
//requiredPriviledge is a priviledge/the list of priviledges the user is checking access to
const isAuthorized = await auth.hasAccess(requiredPriviledge,session.sessionId)
Logout User
const hasLoggedOut = await auth.logout(session.sessionId);
3 months ago
3 months ago
3 months ago
6 months ago
10 months ago
7 months ago
7 months ago
12 months ago
12 months ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
2 years ago
2 years ago
2 years ago
2 years ago
1 year ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago