node-api-auth v0.0.13

Node API Auth

Create simple and powerful APIs with auth and SDK quickly. Based on express and sequelize.

Usage

Install

$ sudo npm install node-api-auth -g

Develop

Run this command in your terminal:

$ node-aa [path]
$ sudo npm install
$ node server.js

By default the server is listening on http://localhost:8080/.

Models

The database system is based on sequelize. Make sure to read their documentation. You can define models by adding new files in the api/models folder, for example:

"use strict";

module.exports = function ( database, DataTypes ) {
    return database.define( "Users", {
        username : DataTypes.STRING,
        password : DataTypes.STRING
    }, {
        tableName : "users"
    } );
};

Routes

You can define routes by adding new files in the api/routes folder, for example:

"use strict";

module.exports = function ( app, database ) {
    const Models = database.models;
    const Users  = Models.Users;

    app.get( "/users/:id", ( request, response ) => {
        Users.find( {
            where : {
                id : request.params.id
            }
        } )
        .then( function ( user ) {
            if ( user ) {
                return response.json( {
                    success : true,
                    data    : user
                } );
            }
        } )
        .catch( function ( error ) {
            log.critical( error );
        } );
    } );
};

Auth

By default, the API is accessible only for predefined hosts. In order to make a request, make sure the requesting hostname is defined in the database and the specified token is valid.

In this example, the server will only accept request from localhost:8080 (with token 098f6bcd4621d373cade4e832627b4f6) and example.com (with token ad0234829205b9033196ba818f7a872b).

You can pass the token by several ways: in a session (see below), POST parameter, query parameter on in a header. The easiest way is to request the /api with POST method like this:

POST /api HTTP/1.1
Host: localhost:8080
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded

token=098f6bcd4621d373cade4e832627b4f6

This will create a session, so you don't have to pass the token for every request.

SDK

The SDK is still a work-in-progress. It might not be working right now!

Use the following code to load the SDK:

<script>
    ( function ( document, tag, id ) {
        if ( document.getElementById( id ) ) {
            return;
        }

        var js  = document.createElement( script );
        var pjs = document.getElementsByTagName( script )[ 0 ];

        js.id  = id;
        js.src = "http://localhost:8080/sdk";

        pjs.parentNode.insertBefore( js, pjs );
   }( document, "script", "node-aa") );
</script>

Then you can use the SDK using the global variable specified in the api/config.json file (server/name). For example:

var SDK = new NAA( "your_token_here" );

SDK.connect( function () {
    SDK.get( "/status", function ( error, data ) {
        // ...
    } );

    SDK.post( "/post", {
        message  : "Witaj świecie!",
        location : "Białystok, Polska"
    }, function ( error, data ) {
        // ...
    } );
} );

Configuration

You can configure your server by editing the api/config.json file.

Server

string name

Mainly used for the SDK (SDK will be exported as a global object window[ name ]). Make sure it will not collide with other global names.

string host

number port

string key

Secret key used for session encryption.

verbose

If set to true the server will run in debug mode.

Database

string database

string username

string password

string hostname

bool verbose

If set to true the server will run in debug mode.

Auth

array ignore

List of routes where the auth should be ignored.