1.0.9 • Published 5 years ago
cas-secure v1.0.9
cas-secure
Secure Express/connect APIs against a CAS server
Install
npm install --save cas-secure
How to use
Require Package
var secure = require('cas-secure').set(options);
Where options is one of the following:
- String: The base url of CAS (For example: http://my.cas-server.com/cas).
- Object: An object with the following properties:
- base_ur Mandaory: The base url of CAS (For example: http://my.cas-server.com/cas).
- version Optional: CAS protocol version. Posible values are 1, 2 or 3. Default 3.
- action Optional: Default action that cas_secure should take with failed authentication (Default block):
- block: Returns a 401 (Unauthorized) status code.
- pass: Pass the error to next, to be handled by express/connect error handler.
- ignore: call next middleware, but don't write info about user.
- validateUrl Optional: Url for proxy/ticket validation:
- Default for protocol version 1: /validate
- Default for protocol version 2: /proxyValidate
- Default for protocol version 3: /p3/proxyValidate
- service Optional: this service identification. Defaults to the value of the Host header.
Use middleware
/*
secure.validate expects the ticket to be found in "ticket" query parameter (req.query.ticket),
or in "Authorization" header (req.headers.authorization) of Bearer type .
*/
app.use(secure.validate(action), function SecuredMiddleware(req, res, next){
/*
Your code goes here
If user got authenticated:
* req.cas.user will have user id
* req.cas.attributes will have user attributes released by cas.
*/
})
action can be one of block, pass or ignore, and will override the configured default action.
If no action is provided, will use the default one.