2.0.1 • Published 7 years ago
mongoose-user-auth v2.0.1
Mongoose User Auth
Hash passwords and lock accounts in Mongoose.
Credit goes to devsmash.com.
Installation
npm install mongoose-user-auth
Usage
Add the plugin to a Mongoose schema.
userSchema.plugin(require('mongoose-user-auth'), {
saltWorkFactor: 10, // optional
maxAuthAttempts: 15, // optional
accountLockTime: 3600 // optional
});
Authenticate users with the auth
method.
// Using a callback
User.auth({ username: username }, password, function (err, user) {
if (err) {
// There has been an error
return;
}
if (!user) {
// User was not found
return;
}
if (user.isLocked) {
// Account is locked
var lockedUntil = user.lockUntil; // ms
return;
}
if (!user.passwordCorrect) {
// User password was incorrect
return;
}
// User is authenticated
});
// Or by using promises
User.auth({ username: username }, password).then((user) => {
if (!user) {
// User was not found
return;
}
if (user.isLocked) {
// Account is locked
var lockedUntil = user.lockUntil; // ms
return;
}
if (!user.passwordCorrect) {
// User password was incorrect
return;
}
// User is authenticated
}).catch((err) => {
// There has been an error
return;
});
When using promises, the promise library used is the same as the one specified in mongoose with require('mongoose').Promise = myPromiseLibrary;
Testing
To run the tests make sure that mongo db is running and accesable on mongodb://localhost:27017
. The test will create and destroy a test database named testDatabase
.
npm test
License
Mongoose User Auth is released under the MIT license.