sub-login v0.1.2
sub-login
Login system for my nodejs express apps, providing convenient methods for OpenID and local password login. Please don’t consider this secure in any way. Also note that I’m new to github and just trying things out.
Idea
I don't want to implement the login from scratch for each app that I write, hence this package that I can just require, initialise with some configuration options and then plug in the login/logout functions at the respective express routes.
Requirements
You either have to use absolute paths for the configuration of the database directory and the users file or run the apps from its own directory as the working directory.
The database directory has to be read/writeable by the app; sub-login needs it to store valid tokens of logged-in users.
The users file has to be of the following form: One line per user, no empty lines, no comments. First word on line is the username. Then, separated by a single whitespace each, the bcrypt-hashed password, or the OpenID identifier, or both. (Order doesn't matter, OpenID identifiers are recognized because they must contain a colon, while bcrypt hashes never contain colons.)
API
See usage example:
var express, app, bodyParser, subLogin, port;
express = require('express');
bodyParser = require('body-parser');
subLogin = require('sub-login')({
// you could for example generate a secret with pwgen -s 60
secret: 'changeme',
// the _realm_ for which openid grants access, and also the base url after
// which the verification route is mapped; should end with a slash
// (you don't have to use the openid part of sub-login; if you don't want
// to, you don't have to configure it obviously.)
baseurl: 'https://example.com/',
// CONFIG VALUES BELOW HERE ARE DEFAULTS AND DON'T HAVE TO BE SET EXPLICITLY.
// the openid verify route as defined with app.get('openid/verify') below.
verificationRoute: 'openid/verify',
// openid auth will redirect THE BROWSER to
// openIdErrorRoute:error
openIdErrorRoute: '/#/openid-error/',
// and to openIdTokenRoute:token
openIdTokenRoute: '/#/openid-token/',
// the directory for the 'database', token files will be stored here.
// may be relative to your app path (if you start it from its own folder)
// or absolute path.
dbDir: 'db',
// the users file (generate it with ./node_modules/sub-login/sub-adduser)
// may be relative to your app path (if you start it from its own folder)
// or absolute path.
usersFile: 'users'
});
port = process.env.port || 8080;
app = express();
// sub-login won't work without bodyParser.json() !!
app.use(bodyParser.json());
app.use(express.static(__dirname + '/public'));
// subLogin routes for OpenId
app.post('/openid/authenticate', subLogin.authenticate);
app.get('/openid/verify', subLogin.verify);
// subLogin routes for local login
app.post('/login', subLogin.login);
// subLogin common routes
app.get('/login', subLogin.sec, subLogin.checkLogin);
app.delete('/login', subLogin.sec, subLogin.logout);
app.delete('/login/all', subLogin.sec, subLogin.logoutOthers);
// YOUR APP HERE
console.log('Binding to port ' + port);
app.listen(port);Dependencies
Sub-login depends on shelljs, bcrypt, jwt-simple and openid.