UNPKG

authentic-server

Version:

This is the server component of Authentic. This provides endpoints for signup, login, confirm, and password change.

github.com/davidguttman/authentic-server

davidguttman/authentic-server

88 lines (72 loc) 2.35 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
const Corsify = require('corsify') const HttpHashRouter = require('http-hash-router') const API = require('./api') module.exports = function (opts) { opts.dbUsers = opts.dbUsers || opts.db checkInitErrors(opts) const routePrefix = opts.routePrefix || '/auth' const shouldGoogle = opts.googleClientId && opts.googleClientSecret && opts.googleRedirectUrl const api = API(opts) const router = HttpHashRouter() router.set(`${routePrefix}/login`, { POST: api.login.bind(api) }) router.set(`${routePrefix}/signup`, { POST: api.signup.bind(api) }) router.set(`${routePrefix}/confirm`, { POST: api.confirm.bind(api) }) router.set(`${routePrefix}/change-password-request`, { POST: api.changePasswordRequest.bind(api) }) router.set(`${routePrefix}/change-password`, { POST: api.changePassword.bind(api) }) router.set(`${routePrefix}/magic-request`, { POST: api.magicRequest.bind(api) }) router.set(`${routePrefix}/magic-login`, { POST: api.magicLogin.bind(api) }) router.set(`${routePrefix}/public-key`, { GET: api.publicKey.bind(api) }) if (shouldGoogle) { router.set(`${routePrefix}/google`, { GET: api.googleAuth.bind(api) }) router.set(`${routePrefix}/google/callback`, { GET: api.googleCallback.bind(api) }) } if (opts.dbExpiry) { router.set(`${routePrefix}/expired`, { GET: api.expired.bind(api) }) } function handler (req, res, next) { Corsify( { 'Access-Control-Allow-Headers': 'authorization, accept, content-type' }, function (req, res) { router(req, res, {}, onError) } )(req, res) function onError (err) { if (!err) return if (next && err.statusCode === 404) return next(req, res) res.writeHead(err.statusCode || 500, { 'Content-Type': 'application/json' }) res.end( JSON.stringify({ success: false, error: err.message }) ) } } return handler } function checkInitErrors (opts) { if (!opts.dbUsers) { throw new Error( 'Authentic: no user db given, must have "get" and "put" methods.' ) } if (!opts.publicKey || !opts.privateKey) { throw new Error('Authentic: no public or private key given') } if (!opts.sendEmail) { throw new Error('Authentic: no "sendEmail" method given') } }