UNPKG

castleio-sdk

Version:

The castle.io SDK for Node.js

156 lines (127 loc) 5.8 kB
# Node.js SDK for Castle **[Castle](https:castle.io) adds real-time monitoring of your authentication stack, instantly notifying you and your users on potential account hijacks.** ## Installation Obtain the latest version of the SDK with npm: ```bash npm install castleio-sdk ``` ## Getting Started: The Vanilla Way ### Initializing ```javascript import Castle from 'castleio-sdk'; var castle = new Castle({apiSecret : 'YOUR-SECRET-HERE'}); ``` ### Tracking Events ```javascript castle.trackEvent({ event : Castle.Events.LOGIN_SUCCEEDED, //This can also be a string EX: $login.failed user_id : 2473, //The ID of your user details : { //Optional email: 'castle@castle.io' }, userAgent : 'Really long user agent string here', cookie : 'The cookie the client side javascript created with the name __cid', ip : '0.0.0.0', headers : {} Tons of headers here }).then(obj => { //Handle success //Note that "obj" is almost always just {} }).catch(e => { //Handle error }); ``` ### Identifying Users ```javascript castle.identify({ user_id : 2473, //The ID of your user user_data : { //Optional email: 'castle@castle.io' }, userAgent : 'Really long user agent string here', cookie : 'The cookie the client side javascript created with the name __cid', ip : '0.0.0.0', headers : {} Tons of headers here }).then(obj => { //Handle success //Note that "obj" is almost always just {} }).catch(e => { //Handle error }); ``` ## Getting Started: The Express Way This is the way to go if you're using Express 4.x ### Initializing ```javascript import Castle from 'castleio-sdk' app.use(Castle.express({apiSecret : 'YOUR-SECRET-HERE'})); ``` ### Tracking Events ```javascript (request, response, next) => { request.castleTrackEvent({ event : request.castleEvents.LOGIN_SUCCEEDED, user_id : 2473, //The ID of your user details : { //Optional email: 'castle@castle.io' }. }).then(obj => { //Handle success //Note that "obj" is almost always just {} }).catch(e => { //Handle error next(e) }); } ``` ### Identifying Users ```javascript (request, response, next) => { request.castleIdentify({ user_id : 2473, The ID of your user user_data : { //Optional email: 'castle@castle.io' } }).then(obj => { //Handle success //Note that "obj" is almost always just {} }).catch(e => { //Handle error next(e) }); } ``` ## Options The Castle object accepts these options upon initialization | Code | Description |Default | |:---------------------------------|:----------------|:----------| |apiKey|Your api key. This is currently unused|null| |apiSecret|Your api secret. This is used for authenticating you|undefined| |apiUrl|The endpoint you want to send your api requests to|https://api.castle.io| |disableClientUserAgent|Wether or not you want to send SDK info and OS information to castle for analytics|false| ## Events These are the events Available through Castle.Events | Code | Description |Default | |:---------------------------------|:----------------|:----------| | LOGIN_SUCCEEDED | $login.succeeded | Record when a user attempts to log in| | LOGIN_FAILED | $login.failed | Record when a user logs out| | LOGOUT_SUCCEEDED | $logout.succeeded | Record when a user logs out| | REGISTRATION_SUCCEEDED | $registration.succeeded | Capture account creation, both when a user signs up as well as when created manually by an administrator| | REGISTRATION_FAILED | $registration.failed | Record when an account failed to be created| | EMAIL_CHANGE_REQUESTED | $email_change.requested | An attempt was made to change a user’s email| | EMAIL_CHANGE_SUCCEEDED | $email_change.succeeded | The user completed all of the steps in the email address change process and the email was successfully changed| | EMAIL_CHANGE_FAILED | $email_change.failed | Use to record when a user failed to change their email address| | PASSWORD_RESET_REQUESTED | $password_reset.requested | An attempt was made to reset a user’s password| | PASSWORD_RESET_SUCCEEDED | $password_reset.succeeded | The user completed all of the steps in the password reset process and the password was successfully reset. Password resets do not required knowledge of the current password| | PASSWORD_RESET_FAILED | $password_reset.failed | Use to record when a user failed to reset their password| | PASSWORD_CHANGE_SUCCEEDED | $password_change.succeeded |Use to record when a user changed their password. This event is only logged when users change their own password| | PASSWORD_CHANGE_FAILED | $password_change.failed | Use to record when a user failed to change their password| | CHALLENGE_REQUESTED | $challenge.requested | Record when a user is prompted with additional verification, such as two-factor authentication or a captcha| | CHALLENGE_SUCCEEDED | $challenge.succeeded | Record when additional verification was successful| | CHALLENGE_FAILED | $challenge.failed |Record when additional verification failed| ## Errors Whenever something unexpected happens, a error is created and returned. Here's a list of errors that we're shamefully created | Code | Description | |:---------------------------------|:----------------| |MISSING_EVENT_NAME|You've missed the event parameter for the trackEvent function| |INVALID_HTTP_STATUS_CODE|The HTTP Code returned by the Castle API was unexpected|