UNPKG

universal_authentication

Version:

Seamless and Secure Authentication for Modern Web Applications: Easily integrate OTP-based email verification, Google OAuth, GitHub, Microsoft, and Okta login into your Node.js app. Modular, flexible, and database-agnostic, this package simplifies user au

108 lines (95 loc) 3.22 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
import { AuthConfig } from "../config/auth.config"; import { hashPassword, verifyPassword } from "../utils/password.utils"; import { validateEmail, validatePassword } from "../utils/validation.utils"; import { storeOtp, generateOtp } from "../services/email/otpStore.service"; // Signup Handler Function export const signupHandler = async ( email: string, password: string, name: string, config: AuthConfig ): Promise<{ status: number; message: string; user?: any }> => { try { // Validation for email, password, and check if the user already exists if (!validateEmail(email)) { return { status: 400, message: "Invalid email format" }; } if (!validatePassword(password)) { return { status: 400, message: "Invalid password format" }; } if (await config.checkUserExist?.(email)) { return { status: 409, message: "Email already exists" }; } // Generation of secureKey, password hashing const secureKey = config.generateSecureKey ? config.generateSecureKey() : "defaultKey"; const hashedPassword = await hashPassword( password, secureKey, config.hashAlgorithm ?? "crypto" ); // Create a user const user = await config.createUser?.({ email, name, }); // Create an auth record for the user if (user) { await config.createAuthRecord?.({ userId: user.id, password: hashedPassword, secureKey, ipAddress: "0.0.0.0", lastLogin: new Date(), }); return { status: 201, message: "User created successfully" }; } else { return { status: 500, message: "User creation failed" }; } } catch (err: any) { console.error(err); return { status: 500, message: err.message }; } }; // Login Handler Function export const loginHandler = async ( email: string, password: string, config: AuthConfig ): Promise<{ status: number; message: string; user?: any }> => { try { // Check if the user and auth record are present const user = await config.getUserByEmail?.(email); if (!user) { return { status: 401, message: "Invalid email or password" }; } const authRecord = await config.getAuthRecord?.(user.id); if (!authRecord) { return { status: 401, message: "authRecord not found" }; } // Check if the password is valid const isPasswordValid = await verifyPassword( password, authRecord.secureKey, authRecord.password, config.hashAlgorithm ?? "crypto" ); if (!isPasswordValid) { return { status: 401, message: "password is incorrect" }; } // Generate OTP after successful password validation const otp = generateOtp(); storeOtp(email, otp); // Send OTP to user via email (use config.sendEmail or your own email service) await config.sendEmail?.( email, "Your OTP for login", `Your OTP is: ${otp}` ); return { status: 200, message: `OTP is sent to your ${email}` }; } catch (err: any) { console.error(err); return { status: 500, message: err.message }; } };