onestop_authify v1.0.12

OneStop_authify(5-Way Authentication) Package for Node.js Applications

This package provides a comprehensive authentication solution for Node.js applications, offering five different authentication methods: OTP, JWT, Password-based, Two-Factor Authentication (2FA), and Social SSO.

Project Description

The 5-Way Authentication Package is designed to simplify and streamline the implementation of various authentication methods in Node.js applications. It offers a flexible and modular approach to authentication, allowing developers to easily integrate one or more authentication methods into their projects.

Key features of this package include:

• One-Time Password (OTP) generation, email delivery, and verification
• JSON Web Token (JWT) creation and verification
• Password-based authentication with secure hashing
• Two-Factor Authentication (2FA) using Time-based One-Time Passwords (TOTP)
• Social Single Sign-On (SSO) integration with support for multiple providers

This package is ideal for developers looking to implement robust authentication systems in their Node.js applications without having to build each authentication method from scratch.

Repository Structure

.
├── dist/                 # Compiled JavaScript files
├── src/                  # TypeScript source files
│   ├── auth/
│   │   ├── 2fa/          # Two-Factor Authentication
│   │   ├── otp/          # One-Time Password
│   │   ├── password_based/
│   │   │   ├── jwt_logic/
│   │   │   ├── password/
│   │   │   └── types/
│   │   └── social_sso/   # Social Single Sign-On
│   ├── index.ts          # Main entry point
│   └── Readme.md
├── package.json          # Project dependencies and scripts
└── tsconfig.json         # TypeScript configuration

Key Files:

• src/index.ts: Main entry point that exports all authentication functionalities
• package.json: Defines project dependencies and build scripts
• tsconfig.json: Configures TypeScript compiler options

Usage Instructions

Installation

1. Ensure you have Node.js (version 12 or higher) installed.
2. Install the package in your project:

npm install onestop_authify

Getting Started

1. Import the desired authentication methods in your application:

import { generateOtp, sendOtpToEmail, verifyOtp, createToken, verifyToken, HashVerifier, generateSecret, verifyTOTP, handleOAuthCallback } from 'onestop_authify';

2. Configure the authentication methods you want to use. Here's an example of setting up OTP authentication:

import { generateOtp, sendOtpToEmail, verifyOtp } from 'onestop_authify';

// Generate and send OTP
const email = 'user@example.com';
const senderEmailConfig = {
  user: 'your-email@gmail.com',
  pass: 'your-email-password'
};
const emailTemplate = ''; // Your custom email template

const otp = await sendOtpToEmail(email, senderEmailConfig, emailTemplate);

// Verify OTP
const isValid = verifyOtp(email, otp);

Configuration Options

Each authentication method has its own configuration options. Here are some examples:

1. JWT Configuration:

const secret = 'your-secret-key';
const payload = { userId: '123' };
const token = createToken(payload, secret, { expiresIn: '1h' });

2. Password-based Authentication Configuration:

const hashConfig = {
  algorithm: 'sha256',
  includedFields: ['username', 'password'],
  storedField: 'hashedPassword'
};
const hashVerifier = new HashVerifier(hashConfig);

3. 2FA Configuration:

const secret = generateSecret();
const isValid = verifyTOTP(secret, userProvidedToken);

Common Use Cases

1. Implementing OTP-based login:

// Generate and send OTP
const otp = await sendOtpToEmail(userEmail, emailConfig, emailTemplate);

// Verify OTP
if (verifyOtp(userEmail, userProvidedOtp)) {
  // Grant access
} else {
  // Deny access
}

2. JWT-based authentication:

// Create token on login
const token = createToken({ userId: user.id }, secretKey);

// Verify token on protected routes
const payload = verifyToken(token, secretKey);
if (payload) {
  // Allow access to protected resource
} else {
  // Deny access
}

3. Social SSO integration:

const oauthConfig = {
  clientId: 'your-client-id',
  clientSecret: 'your-client-secret',
  redirectUri: 'your-redirect-uri',
  tokenUrl: 'https://provider.com/oauth/token',
  userInfoUrl: 'https://provider.com/oauth/userinfo'
};

const userInfo = await handleOAuthCallback(authorizationCode, oauthConfig);

Testing & Quality

To run tests:

npm test

Troubleshooting

Common issues and solutions:

1. OTP not received:

   • Check spam folder
   • Verify email configuration
   • Ensure proper network connectivity

2. JWT verification fails:

   • Check if the token has expired
   • Verify that the correct secret key is being used

3. 2FA verification fails:

   • Ensure the user's device time is synchronized
   • Verify that the correct secret is being used

For debugging, enable verbose logging by setting the DEBUG environment variable:

DEBUG=onestop_authify:* node your-app.js

Log files can be found in the logs directory of your application.

Data Flow

The authentication process in this package follows a general flow:

1. User initiates authentication (e.g., enters email for OTP, provides credentials for password-based auth)
2. Application generates necessary authentication data (OTP, JWT, etc.)
3. Data is sent to the user (e.g., OTP via email) or stored securely (e.g., hashed password)
4. User provides authentication data (OTP, password, token)
5. Application verifies the provided data
6. Access is granted or denied based on verification result

[User] -> [Application] -> [Authentication Module] -> [Storage/Email]
   ^                                                         |
   |                                                         v
[Verification] <- [Application] <- [User Input] <- [User receives data]

Deployment

This package is designed to be integrated into your Node.js application. Deploy your application as you normally would, ensuring that all environment variables and configurations are properly set for the authentication methods you're using.