Authentication module written in TypeScript providing authentication utilities and JWT methods.
Install via npm
npm install @icapps/tree-house-authenticationor via yarn
yarn add @icapps/tree-house-authenticationconst authenticator = require('@icapps/tree-house-authentication')import * as authenticator from '@icapps/tree-house-authentication'const jwtSettings = {
algorithm: 'HS256',
expiresIn: '7d',
audience: 'TREEHOUSE-AUTH',
issuer: 'treehouse-authentication',
secretOrKey: '5kZxE|gZu1ODB183s772)/3:l_#5hU3Gn5O|2ux3&lhN@LQ6g+"i$zqB_C<6',
};You can find all possible configuration options at Github: node-jsonwebtoken
Returns a json webtoken with the provided payload and configuration. (Asynchronous)
Returns a decoded jwt token when the provided token is still valid. (Asynchronous)
Returns a decoded json webtoken. This does not validate the token. (Synchronous)
Returns an express middleware function to use on session based routes using the express-session module. (Synchronous)
const app = express();
const session = getSession({
secret: 'mySuperSecretSecret'
});
app.use(session);Two-factor authentication functions using the speakeasy module.
Returns two-factor authentication key with base32 and otp-authentication url needed for QR code generation
const { otpauth_url, base32, ... } = generate2FAKey();Returns QR code image data, user secret, and url (if you wish to have a custom qr code implementation)
const { imageData, secret, url } = generateQrCode(options);Verify whether a token is valid depending on a provided user secret (returns true/false)
const isValidCode = verifyToken('userSecret', 021214);WARNING !! : unbind function does not work in node 10 See (ldapjs/node-ldapjs#483)
const clientOptions = {
url: 'ldap://ldap.forumsys.com',
port: '389',
};
const dnString = 'cn=read-only-admin,dc=example,dc=com';
const password = 'password';
// create a client instance that is connected with the directory server
const client = createLdapClient(clientOptions, dnString, password);
const searchDn = 'dc=example,dc=com';
const filterOptions = {
filter: '(objectClass=*)',
scope: 'sub',
};
//Search users in the directory server
const users = await searchUsers(client,searchDn, filterOptions)Returns a login url to the identity provider
Parses the SAML request to a JSON object
Creates an SSO logout url for the given user (sp initiated)
Creates a service provider object to interact with.
Creates an identityProvider object to interact with
const serviceProvider = createServiceProvider(...);
const identityProvider = createIdentityProvider(...);
// Login
async (req, res) => {
const loginUrl = createLoginRequest(serviceProvider, identityProvider, 'redirect')
res.redirect(loginUrl);
}
// The identity provider will send SAML response upon successful authentication
// We will validate the response
async (req, res) => {
const user = parseSAMLResponse(serviceProvider, identityProvider, req);
if (user) { /* business logic} */ }
}
// Logout
async (req, res) => {
const logoutUrl = createLogout(serviceProvider, identityProvider, user, redirectUrl)
res.redirect(logoutUrl)
}
Returns a random hash (can be used for tokens) (Synchronous)
Returns a hashed password. (Asynchronous)
Check whether a password is valid compared with a hashed password. (Asynchronous)
Hash a password. (Asynchronous)
Dehash a password. (Asynchronous)
You can run npm run test to run all tests
You can run npm run test:coverage to run all tests with coverage report
See the list of contributors who participated in this project.
This project is licensed under the ISC License - see the LICENSE.md file for details