Performs all basic authentication tasks, provides organization => users hierarchy and simple express app integration
const r = require('rethinkdbdash')({ db: 'chaos' });
const settings = {
secret: 'MY_SUPER_DUPER_SECRET_HASH',
site: {
name: 'Some Cool Site',
url: 'http://localhost:3000'
},
email: {
from: "no-reply@foo.com",
host: "mail.somewhere.com",
user: "username@somewhere.com",
password: "foobar",
ssl: true
}
};
const auth = require('chaos-auth')(r, settings);
const app = express();
app.use(cors());
app.use(bodyParser.json())
.use(bodyParser.urlencoded({ extended: false }));
app.use('/auth', auth.router);
app.get('/test', auth.authorize, (req, res) => {
res.send({ success: true, message: 'i am authorized' });
});
authorizes JWT token, builds Authorization Object under req.auth
app.get('/custom_endpoint', auth.authorize, (req, res) => {
// available only for authorized requests
console.log('logged in with token', req.auth.token);
res.send({
user: req.auth.user,
organization: req.auth.organization
})
});
app.get('/custom_endpoint', auth.authorize, auth.requireSuperuser, (req, res) => {
// available only for superuser
});
app.get('/custom_endpoint', auth.authorize, auth.requireAdmin, (req, res) => {
// available only for admin
});
registers user account and sends confirmation email, until user confirms the account the user has
{
"user": {
"email": "foo@bar.com",
"password": "foobar",
"passwordConfirmation": "foobar",
"firstName": "John",
"lastName": "Doe"
},
"organization": {
"name": "Foobar ltd",
"email": "info@bar.com",
"country": "Finland"
}
}
you can add your own attributes as long as it's not "id", "createdAt", "updatedAt", "perishableToken"
activates the account using perishable token, then redirects to supplied link
creates a session and returns Authorization Object with User, Organization and Token
{
"email": "foo@bar.com",
"password": "foobar"
}
creates a session using different organization
{
"organization_id": "abcdefgh"
}
deletes the current token
sets perishable token and sends password request confirmation email
generates random password, sends email to user and redirects to provided link, uses perishable token
changes password of user
{
"currentPassword": "foobar",
"newPassword": "foobar2"
}
returns Authorization Object with User, Organization and Token for current session
allows superuser to create other users under the same organization
{
"email": "foo@bar.com",
"password": "foobar",
"passwordConfirmation": "foobar",
"firstName": "John",
"lastName": "Doe"
}
allows superuser to modify other users under the same organization
{
"email": "foo@bar.com",
"password": "foobar",
"passwordConfirmation": "foobar",
"firstName": "John",
"lastName": "Doe"
}
you can use your own email templates and mail subjects by setting following properties in settings objects templates are standard handlebar templates using {{ variable }} style. Check builtin templates for available properties.
var fs = require('fs');
var settings = {
emails: {
confirm: {
subject: "Confirm your email!",
template: fs.readFileSync('./templates/confirm.html')
}
}
}
Tests will run their own express api server using this library. Email sending tests are not yet implemented.
npm run test