1.0.5 • Published 2 years ago
easy-express-auth v1.0.5
easy-express-auth
A library for making authorization in your express app just a tad bit easier
Installing
$ npm i easy-express-auth
Importing
To import this module, you can either
- Use it in typescript
import * as easyExpressAuth from 'easy-express-auth';
- Use it as legacy js
const easyExpressAuth = require('easy-express-auth');
Usage
Using this is very simple. Here's an example:
import createApp from 'express';
import cookieParser from 'cookie-parser';
import { Authorizer } from 'easy-express-auth';
// USE A CONFIGURATION FILE OR DATABASE FOR THIS DATA
// THIS IS JUST AN EXAMPLE
const authorizer = new Authorizer({
accounts: [
{
username: 'test',
password: 'account',
},
],
});
const app = createApp();
app.use(cookieParser());
authorizer.on('logIn', console.log);
authorizer.on('lifespanExceeded', console.log);
app.get(
'/pleaseVerifyAuthorization',
authorizer.isAuthorizedHandler('session', false),
(req, res) => {
res.send('You only see this when logged in');
}
);
// NEVER DO THIS IN PROD, USE AN ACTUAL LOGIN SYSTEM
// THIS IS JUST AN EXAMPLE
app.get('/login', (req, res) => {
var username = req.query.username?.toString() || 'defaultUser123';
var pass = req.query.password?.toString() || 'defaultPassword123';
var authResponse = authorizer.attemptLogin(username, pass);
if (!authResponse.success) res.send("You're not logged in :(");
else {
res.cookie('session', authResponse.session.token);
res.send("You're logged in");
}
});
app.listen(8080, function () {
console.log('hearing...');
});
Is this safe?
Probably, but bugs might still occur. If you do find one, please make sure to tell me.
When do I use this?
This is designed for smaller scale projects, in no way is this designed to be a fully fletched production environment authorization solution. There are other APIs for that. That being said, if you do want to use this in a project, sure, go ahead. Just make sure to implement it correctly.
How do I report bugs?
Just send me an email, or, better yet, open an issue on the issue tracker. Any feedback is well received over there.