UNPKG

lbx-jwt

Version:

Provides JWT authentication for loopback applications. Includes storing roles inside tokens and handling refreshing. Built-in reuse detection.

128 lines 5.54 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
"use strict"; /* eslint-disable stylistic/max-len */ Object.defineProperty(exports, "__esModule", { value: true }); exports.LbxJwtBindings = exports.LbxJwtDefaultValues = void 0; const core_1 = require("@loopback/core"); const ONE_HUNDRED_DAYS_IN_MS = 8640000000; const HOUR_IN_MS = 3600000; const FIVE_MINUTES_IN_MS = 300000; /** * Default Values for the component. */ exports.LbxJwtDefaultValues = { ACCESS_TOKEN_EXPIRES_IN_MS: HOUR_IN_MS, REFRESH_TOKEN_EXPIRES_IN_MS: ONE_HUNDRED_DAYS_IN_MS, REFRESH_TOKEN_ISSUER: 'api', PASSWORD_RESET_TOKEN_EXPIRES_IN_MS: FIVE_MINUTES_IN_MS }; /** * Bindings to customize the LbxJwt component. */ // eslint-disable-next-line typescript/no-namespace var LbxJwtBindings; (function (LbxJwtBindings) { /** * The key for the secret used to generate access tokens. */ LbxJwtBindings.ACCESS_TOKEN_SECRET = core_1.BindingKey.create('lbx.jwt.access.token.secret'); /** * The key for the amount of milliseconds after which the access token expires. * @default 3600000 // 1 hour */ LbxJwtBindings.ACCESS_TOKEN_EXPIRES_IN_MS = core_1.BindingKey.create('lbx.jwt.access.token.expires.in.ms'); /** * The key for the service that handles generating and validating access tokens. */ LbxJwtBindings.ACCESS_TOKEN_SERVICE = core_1.BindingKey.create('lbx.jwt.access.token.service'); /** * The key for the service that handles verifying user credentials. */ LbxJwtBindings.BASE_USER_SERVICE = core_1.BindingKey.create('lbx.jwt.user.service'); /** * The key of the datasource. */ LbxJwtBindings.DATASOURCE_KEY = 'datasources.db'; /** * The key of the repository responsible for handling users. */ LbxJwtBindings.BASE_USER_REPOSITORY = 'repositories.BaseUserRepository'; /** * The key of the repository responsible for handling user credentials. */ LbxJwtBindings.CREDENTIALS_REPOSITORY = 'repositories.CredentialsRepository'; /** * The key for the secret used to generate refresh tokens. */ LbxJwtBindings.REFRESH_TOKEN_SECRET = core_1.BindingKey.create('lbx.jwt.refresh.token.secret'); /** * The key for the amount of milliseconds after which the refresh token expires. * @default 8640000000 // 100 days */ LbxJwtBindings.REFRESH_TOKEN_EXPIRES_IN_MS = core_1.BindingKey.create('lbx.jwt.refresh.token.expires.in.ms'); /** * The key for the service that handles refresh tokens. */ LbxJwtBindings.REFRESH_TOKEN_SERVICE = core_1.BindingKey.create('lbx.jwt.refresh.token.service'); /** * The key for the refresh token issuer stored inside the refresh token.. * @default 'api' */ LbxJwtBindings.REFRESH_TOKEN_ISSUER = core_1.BindingKey.create('lbx.jwt.refresh.token.issuer'); /** * The key of the backend datasource for refresh token's persistency. */ LbxJwtBindings.REFRESH_TOKEN_DATASOURCE_KEY = 'datasources.db'; /** * Key for the repository that stores the refresh token and its bound user information. */ LbxJwtBindings.REFRESH_TOKEN_REPOSITORY = 'repositories.RefreshTokenRepository'; /** * The key for the amount of milliseconds after which the reset password token expires. * @default 300000 // 5 minutes */ LbxJwtBindings.PASSWORD_RESET_TOKEN_EXPIRES_IN_MS = core_1.BindingKey.create('lbx.jwt.password.reset.token.expires.in.ms'); /** * The key for the repository that stores the password reset token. */ LbxJwtBindings.PASSWORD_RESET_TOKEN_REPOSITORY = 'repositories.PasswordResetTokenRepository'; /** * The key for the service that handles sending emails. */ LbxJwtBindings.MAIL_SERVICE = core_1.BindingKey.create('lbx.jwt.email.service'); /** * Provider for all possible role values. */ LbxJwtBindings.ROLES = core_1.BindingKey.create('lbx.jwt.roles'); /** * The label to display inside the two factor app. */ LbxJwtBindings.TWO_FACTOR_LABEL = core_1.BindingKey.create('lbx.jwt.two.factor.label'); /** * Whether or not two factor authentication should be forced. If set to true a user is only allowed to login, * any other request leads to an error if two factor authentication is disabled. */ LbxJwtBindings.FORCE_TWO_FACTOR = core_1.BindingKey.create('lbx.jwt.two.factor.force'); /** * Routes that should be accessible even if two factor authentication is disabled for the user. * By default this is the login route. */ LbxJwtBindings.FORCE_TWO_FACTOR_ALLOWED_ROUTES = core_1.BindingKey.create('lbx.jwt.two.factor.force.allowed.routes'); /** * The custom header for request where the two factor code is provided. * Defaults to 'X-Authorization-2FA'. */ LbxJwtBindings.TWO_FACTOR_HEADER = core_1.BindingKey.create('lbx.jwt.two.factor.header'); /** * Provider for the two factor service. */ LbxJwtBindings.TWO_FACTOR_SERVICE = core_1.BindingKey.create('lbx.jwt.two.factor.service'); /** * Provider for the biometric credentials service. */ LbxJwtBindings.BIOMETRIC_CREDENTIALS_SERVICE = core_1.BindingKey.create('lbx.jwt.biometrics.credentials.service'); /** * The key for the repository that stores the password reset token. */ LbxJwtBindings.BIOMETRIC_CREDENTIALS_REPOSITORY = 'repositories.BiometricCredentialsRepository'; })(LbxJwtBindings || (exports.LbxJwtBindings = LbxJwtBindings = {})); //# sourceMappingURL=keys.js.map