1.0.4 • Published 8 years ago

express-vericode v1.0.4

Weekly downloads
2
License
MIT
Repository
github
Last release
8 years ago

express-vericode

Verification code flow to protect sensitive operations requiring double confirmation the operator's identity

HOW TO Use:

  1. Use whitelist to define the URL that should be protected. Only Regexp are supported.
  2. First, call /code api with identity as parameter to retrieve the code
  3. Second, call /validate to validate the identity and code combination is correct then retrieve vericode_token
  4. Third, call the target protected URL with parameter vericode_token in query parameter or form body
  5. Finally, this module will check if the vericode_token is valid and pass vericode_token to next middleware in res.locals.vericode_token.
  6. Consecutive middleware may retrieve identity from res.locals.vericode_token.

TODO

  1. Rate Limiting - Don't resend verification code in short period
verificationcode
debuges6-template-stringsjsonwebtokenlodashnode-regexpnode-uuidnodemailerrandomstringregexshortidsmtp-connectionurl-join
@everything-registry/sub-chunk-1637@infinitebrahmanuniverse/nolb-express-v
1.0.4

8 years ago

1.0.3

8 years ago

1.0.2

8 years ago

1.0.1

8 years ago

1.0.0

8 years ago