1.0.1 • Published 2 years ago
express-hash v1.0.1
express-hash
Tiny tool to check the authenticity of request in client server communication that can be used as a middleware in server side and simple function at client side
How to Use
Tool contains two parts
Client
Generate the hash at client side by leveraging the 'sign' option.
Server
Verify the authenticity of the request by making use of the server side 'verify' option
Please note the server will expect the generated hash in the request header by the key 'signature'
defaults.json
You can provide the necessary details in a json format as below. In the absence of those details defaults values will be assumed
Sample json
{
"hashKey":"cf4252f9bc4753c7f798c0a9973b6e70",
"limit": 60,
"algorithm":"md5",
"data":{
"query":{},
"body":{}
},
"method":"GET"
}
Sample hash generation
const exphash= require('express-hash');
const defaults= require('./defaults.json');
const msg= exphash.sign(defaults);
console.log('Generated hash ',msg);
Result
Generated hash B516D37C0F1C4C74C48BF44056381DD8A3956C3764A5D3692772076CEE5800C097FFD1991DBE606E999F7BEFEE0BF42EC292D7A595F5CDFDF30F2704CBE9BC0F
Actions at server side
The verify function is a middleware and you can pass the configurations in the same structure as used in client side(Please use the same hashKey at both sides)
It will verify the authenticity of the request.
You can check the authenticity with the request time as well(can be configuired under limit section. Defaults to 60 seconds)
If the request looks fine it will pass to next section