2.1.0 • Published 6 months ago
auth-pro
A comprehensive TypeScript authentication package providing multiple authentication methods including basic password-based authentication, OTP verification, and OAuth social authentication.
Features
🔐 Secure Password Handling
- PBKDF2-based password hashing
- Configurable digest algorithm
- Secure salt generation
📧 OTP Authentication
- 6-digit OTP generation
- Email-based OTP delivery
- Configurable OTP expiry (default: 5 minutes)
- In-memory OTP storage with auto-expiry
🔑 Social Authentication
- Support for multiple OAuth providers
- Customizable user data extraction
- Access and refresh token handling
- Built-in error handling
🎟️ JWT Token Management
- Token generation with customizable expiry
- Token verification
- Secure JWT secret key handling
Installation
npm install auth-pro
Environment Variables
Create a .env file with the following variables:
# JWT Configuration
JWT_SECRET_KEY=your_jwt_secret_key
DIGEST_ALGORITHM=sha512
# Email Configuration (for OTP)
MAIL_HOST=your_smtp_host
MAIL_USER=your_smtp_username
MAIL_PASS=your_smtp_password
MAIL_FROM=your_sender_email
# OAuth Configuration (for each provider)
PROVIDER_CLIENT_ID=your_oauth_client_id
PROVIDER_CLIENT_SECRET=your_oauth_client_secret
PROVIDER_REDIRECT_URI=your_oauth_redirect_uri
PROVIDER_TOKEN_URL=your_oauth_token_url
PROVIDER_USER_INFO_URL=your_oauth_user_info_url
Usage
Basic Authentication
import { hashUtil } from 'auth-pro';
// Generate salt for new user
const salt = hashUtil.createSalt();
// Hash password for storage
const hashedPassword = hashUtil.createHash('userPassword', salt);
// Verify password during login
const isValid = hashUtil.verifyHash(
  'inputPassword',
  hashedPassword,
  salt
);
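A sketch of what salted PBKDF2 hashing with constant-time verification looks like on Node's built-in crypto module. This is an added example, not auth-pro's source; the `sketch*` names, iteration count, key length, salt size and digest allowlist are assumptions.

```typescript
import { pbkdf2Sync, randomBytes, timingSafeEqual } from 'node:crypto';

// Assumed parameters: auth-pro's actual iteration count, key length and
// salt size are not documented on this page.
const ITERATIONS = 210_000;
const KEY_LENGTH = 64; // bytes of derived key
const SALT_BYTES = 16;
const ALLOWED_DIGESTS = new Set(['sha256', 'sha384', 'sha512']);

// Take the digest from DIGEST_ALGORITHM (as in the .env section), but only
// from an allowlist, so a typo or stray value cannot select a weak hash.
function resolveDigest(name = process.env.DIGEST_ALGORITHM ?? 'sha512'): string {
  const digest = name.toLowerCase();
  if (!ALLOWED_DIGESTS.has(digest)) {
    throw new Error(`Unsupported digest: ${digest}`);
  }
  return digest;
}

function derive(value: string, salt: string, digest?: string): Buffer {
  return pbkdf2Sync(value, salt, ITERATIONS, KEY_LENGTH, resolveDigest(digest));
}

// Hypothetical counterpart of createSalt(): a fresh random salt per user.
function sketchCreateSalt(): string {
  return randomBytes(SALT_BYTES).toString('hex');
}

// Hypothetical counterpart of createHash(): hex-encoded PBKDF2 output.
function sketchCreateHash(value: string, salt: string, digest?: string): string {
  return derive(value, salt, digest).toString('hex');
}

// Hypothetical counterpart of verifyHash(): re-derive and compare in
// constant time. timingSafeEqual throws on unequal lengths, so a truncated
// or malformed stored hash is rejected by the length check first.
function sketchVerifyHash(value: string, storedHash: string, salt: string, digest?: string): boolean {
  const expected = Buffer.from(storedHash, 'hex');
  const actual = derive(value, salt, digest);
  return expected.length === actual.length && timingSafeEqual(expected, actual);
}
```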
OTP Authentication
import { otpService } from 'auth-pro';
// Generate and send OTP
await otpService.sendOTP('user@example.com');
// Verify OTP
const isValid = otpService.verifyOTP('user@example.com', '123456');
Social Authentication
import { authenticateOAuth } from 'auth-pro';
// Configure data extraction
const config = {
  extractUserData: (profile: any) => ({
    id: profile.id,
    email: profile.email,
    name: profile.name
  })
};
// Authenticate with OAuth provider
try {
  const authResponse = await authenticateOAuth(
    'authorization_code',
    config,
    'GITHUB' // or other provider
  );
  const { user, accessToken, refreshToken } = authResponse;
} catch (error) {
  // `error` is `unknown` under strict TypeScript, so narrow it before reading `code`
  if ((error as { code?: string }).code === 'TOKEN_ERROR') {
    // Handle token error
  }
}
Token Management
import { tokenUtil } from 'auth-pro';
// Generate JWT token
const token = tokenUtil.generateToken(
  { userId: '123', email: 'user@example.com' },
  3600 // expires in 1 hour
);
// Verify token
try {
  const payload = tokenUtil.verifyToken(token);
} catch (error) {
  // Handle invalid token
}
Utilities
import { validator } from 'auth-pro';
// Validate email
const isValidEmail = validator.validateEmail('user@example.com');
API Reference
Hash Utilities
createSalt(): string
- Generates a cryptographically secure random salt
createHash(value: string, salt: string): string
- Creates a hash using PBKDF2
verifyHash(value: string, storedHash: string, salt: string): boolean
- Verifies a value against stored hash
OTP Services
sendOTP(email: string): Promise<string>
- Generates and sends OTP via email
verifyOTP(email: string, otp: string): boolean
- Verifies provided OTP
generateOTP(): string
- Generates a 6-digit OTP
Token Utilities
generateToken(payload: object, expiresIn?: number): string
- Generates JWT token
verifyToken(token: string): object | string
- Verifies and decodes JWT token
Social Authentication
authenticateOAuth(code: string, config: OAuthConfig, provider: string): Promise<OAuthResponse>
- Handles OAuth authentication flow
Validators
validateEmail(email: string): boolean
- Validates email format
License
ISC License
Created with ❤️ by Jay Vekariya