UNPKG

lbx-jwt

Version:

Provides JWT authentication for loopback applications. Includes storing roles inside tokens and handling refreshing. Built-in reuse detection.

51 lines (50 loc) 2.6 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
/// <reference types="express" /> import { Options } from '@loopback/repository'; import { Request } from '@loopback/rest'; import { BaseUserRepository } from '../repositories'; /** * Handles everything connected to two factor authentication. */ export declare class TwoFactorService<RoleType extends string> { protected readonly forceTwoFactor: boolean; protected readonly baseUserRepository: BaseUserRepository<RoleType>; protected readonly twoFactorHeader: string; protected readonly twoFactorLabel?: string | undefined; constructor(forceTwoFactor: boolean, baseUserRepository: BaseUserRepository<RoleType>, twoFactorHeader: string, twoFactorLabel?: string | undefined); /** * Generates a secret and a two factor auth url to use for a qr code. * Both values gets saved to the user credentials of the user with the given id. * @param userId - The id of the user that wants to activate two factor authentication. * @param options - Additional options eg. Transaction. * @returns The qr code url. */ turnOn2FA(userId: string, options?: Options): Promise<string>; /** * Confirms the setup of two factor authentication for the user with the given id. * @param userId - The id of the user that wants to activate two factor authentication. * @param code - The code that is used to confirm that the user has the correct secret setup. * @param options - Additional options eg. Transaction. */ confirmTurnOn2FA(userId: string, code: string, options?: Options): Promise<void>; /** * Turns off 2fa for the user with the given id. * @param userId - The id of the user to turn 2fa off for. * @param options - Additional options eg. Transaction. */ turnOff2FA(userId: string, options?: Options): Promise<void>; /** * Extracts a two factor code from the given request by reading the custom header. * @param request - The request of which the two factor code should be read. * @returns The found two factor code. * @throws When the custom header wasn't found, is empty or not 6 digits long. */ extractCodeFromRequest(request: Request): string; /** * Validates the given two factor code for the user with the given id. * @param userId - The id of the user that tries to do something that requires a 2fa code. * @param code - The two factor code to validate. * @param options - Additional options eg. Transaction. */ validateCode(userId: string, code: string, options?: Options): Promise<void>; private generateSecret; }