redis.auth
Version:
A non prescriptive Redis Authentication module for Express
81 lines (63 loc) • 2.19 kB
Markdown
[](https://travis-ci.org/ChrisCates/redis.auth)
[](https://coveralls.io/github/ChrisCates/redis.auth?branch=master)
[](https://nodei.co/npm/redis.auth/)
# redis.auth
## A non prescriptive Redis Authentication module for Express
### By Chris Cates :star:
### Installation
```
npm install redis.auth --save
```
### Configuration
Note that it requires redis.token npm module to work properly
``` javascript
var redis = require("redis.token")()
var auth = require("redis.auth")(redis, {
//Check for which Express header use when authenticating the client
"header": "authorization",
//The key in the redis session storage you want to check for
"key": "grantType",
//If return error is true it sends a 403 or 500 status based on the error
//Turn this off if you want to do your own error checking
"returnError": true
})
```
### Example Express middleware
``` javascript
var express = require("express")
var app = express()
var auth = require("redis.auth")()
//Example single user permission
app.get("/user", auth("user"), function(req,res) {
//req.auth = stored Redis.Token Object
return res.status(200).send("Only users can access this...")
})
//Example multi user permission
app.get("/user", auth(["user", "admin"]), function(req,res) {
//req.auth = stored Redis.Token Object
return res.status(200).send("Admins and users can access this...")
})
/*
** Assuming the following is in the redis token
** { grantType: user }
** And the header has a valid Redis token...
*/
```
### Example status returns:
#### With returnError = true
``` javascript
return res.status(403).send({
"error": true,
"status": 403,
"message": "No "+config.header+" header supplied..."
})
```
#### With returnError = false
``` javascript
//Sets these variables in req so you can check for them on your own
req.error = true
req.errorType = "No "+config.header+" header supplied..."
req.errorCode = 403
return next()
```
#### Questions, email hello@chriscates.ca