Bentojs-api-auth NPM

Authentication Module

Setup

# Install npm package
$ npm install bentojs-api-auth --save

Payload

The authentication payload gives you a couple of additional options for how the api stores and manages authentication tokens.

Source

The source key allows you to define a unique authentication source, this enables you to sign in on the same account from multiple sources. Signing in under the same source will de-authenticate the previous token so make sure to send the source if you want the user to be able to sign under multiple applications at the same time.

Remember

The remember key will remove the expiration time on the token making it last forever. A token that is set to not expire will be over-written if the front end applications loses the key and a new authentication token is generated.

Endpoints

POST /auth/login

Provides basic authentication using identifier and password. The identifier of an account is defined in the module hooks and can be adjusted for each project based on needs. When making a basic request use the following JSON payload:

{
  "identifier" : "john.doe@fixture.none",
  "password"   : "password",
  "source"     : "web",
  "remember"   : false
}

POST /auth/facebook

Provides facebook login by providing the api with a facebook access token. The facebook service will attempt to match the facebook user id with the facebook id registered in our records. If no record is found we report a 404 error. Use the following JSON payload:

{
  "token"    : "fb_access_token",
  "source"   : "web",
  "remember" : false
}

GET /auth/me

Returns the user object that is connected to the Authorization token provided in the request header.

GET /auth/validate

Returns 204 or a 401 based on the validity of the token provided in the Authorization key provided in the request header.

GET /auth/expires

Returns a response object with the token and expiresAt key. The expiry timer is null for a token without a expiration timer or a unix timestamp with the expiration time.