moneypenny v0.3.1
moneypenny - Authentication Service
[
](https://circleci.com/gh/blueflag/m
oneypenny/tree/master)
Moneypenny acts as an authentication service that offers multiple authentication strategies to a backend service and sends a JSON web token(JWT) encripted using a shared secret as a response.
Other services in the architecture should also know the shared secret allowing the token to be passed around in API calls to provide user information related to the request.
##Generating Documentation
npm run doc##Related Projects
##Sample Useage
##Endpoints
The following endpoints are established by the initialize(app) function
| Endpoint | Description |
|---|---|
| /oauth2/authorization | oAuth2 Authorization Endpoint |
| /oauth2/token | oAuth2 Token Endpoint |
| /logout | Logout user from moneypenny |
##API documentation.
moneypenny-server
Authentication server that uses both oAuth2 and JWT for authentication For single sign on.
- moneypenny-server
- module.exports(options) ⇒ MoneyPenny ⏏
module.exports(options) ⇒ MoneyPenny ⏏
Create a moneypenny server
Kind: Exported function
Returns: MoneyPenny - moneypenny service.
| Param | Type | Description |
|---|---|---|
| options | Options | options to configure moneypenny with. |
module.exports~ensureAuthenticated
Middleware for checking that people using the service are authenticated.
Adds req.sesson.returnTo, the url to redirect the user to after login.
Kind: inner property of module.exports
| Param | Type | Description |
|---|---|---|
| req | request | express request to check authenticated |
| res | response | express response related to this request |
| next | function | callback to next middleware to handle request. |
module.exports~ensureAuthenticated(req, res, next)
Middleware for checking that people using the service are authenticated.
Adds req.sesson.returnTo, the url to redirect the user to after login.
Kind: inner method of module.exports
| Param | Type | Description |
|---|---|---|
| req | request | express request to check authenticated |
| res | response | express response related to this request |
| next | function | callback to next middleware to handle request. |
module.exports~initialize(app)
Initalize moneypenny. adds oauth authentication endpoints to express app
Kind: inner method of module.exports
| Param | Type | Description |
|---|---|---|
| app | express-app | the express app that this will run on. |
Example
var express = require('express');
var moneypenny = require('moneypenny');
var MongoStore = require('moneypenny-mongo-storage');
var MongoClient = require('mongodb').MongoClient;
MongoClient.connect('monogdb://localhost:27017/moneypenny', function(err, db) {
var mpMongoStore = MongoStore(db);
var app = express();
var mpOptions = {
secretOrPrivateKey: 'topsecret',
storageProvider: mpMongoStore
}
var mps = moneypenny(mpOptions);
// Following endpoints will be addded to the server.
// /oauth2/token - token endpoint.
// /logout - logout endpoint.
// /oauth2/authorization - authorization endpoint.
mps.initialize(app);
});module.exports~serializeUser()
Used for passport to serialize the session user. using this method will allow the oauth server to send whatever details are in the user object serialized.
Kind: inner method of module.exports
See: http://passportjs.org/docs/configure#sessions
Example
passport.serializeUser(authServer.serializeUser);Example
//remove password from user, then serialize.
passport.serializeUser((user, done)=>{
user.password = ''
return authServer.serializeUser(user, done);
})module.exports~deserializeUser()
Used for passport to deserialize the session user.
Kind: inner method of module.exports
Example
passport.deserializeUser(authServer.deserializeUser);module.exports~loginAndRedirect(req, res, next)
Helper method for login, this method can be used once a login is established from a passport strategy
It will redirect the users back to the approprate locationexpiresIn
Kind: inner method of module.exports
| Param | Type | Description |
|---|---|---|
| req | request | express request to check authenticated |
| res | response | express response related to this request |
| next | function | callback to next middleware to handle request. |
module.exports~jwtToken(req, res) ⇒ String
Express middleware that returns a JWT token.
Kind: inner method of module.exports
Returns: String - jwt token for the user
| Param | Type | Description |
|---|---|---|
| req | request | Express JS Request Object |
| res | response | Express JS Response Object |
module.exports~jwt(user, ttl) ⇒ String
Sign a JWT token.
Kind: inner method of module.exports
Returns: String - encoded JWT token.
| Param | Type | Description |
|---|---|---|
| user | Object | user to encode. |
| ttl | Number | time for the token to live. (set to value in option if none is sent) |
module.exports~user(JWT) ⇒ Object
Get a user from a JWT token.
Kind: inner method of module.exports
Returns: Object - enncoded user object.
| Param | Type | Description |
|---|---|---|
| JWT | String | token to decode. |
module.exports~logoutAndRedirect(req, res, next)
Helper method for logging out, logs user out of authentication server after logging user out from all other servers.
Not Yet Implemented
Kind: inner method of module.exports
| Param | Type | Description |
|---|---|---|
| req | request | express request |
| res | response | express response |
| next | function | callback to next middleware to handle request. |
module.exports~Options : Options
Options that will be passed to the moneypenny server to determine how to initialize.
Kind: inner typedef of module.exports
Properties
| Name | Type | Description |
|---|---|---|
| redirectUrl | String | default redirect url to use if no previous url is found. |
| loginUrl | String | url to redirect to for login. |
| secretOrPrivateKey | String | secret or private key to use for JWT encryption. |
| ttl | Number | lifespan of a token. |
| storageProvider | StorageProvider | storage provider to use to store autentication details. Such as 'moneypenny-mongo-store'. @see https://github.com/blueflag/moneypenny-mongo-storage |