UNPKG

webhandle-users

Version:

Webhandle auth and users module

github.com/EmergentIdeas/webhandle-users

EmergentIdeas/webhandle-users

99 lines (72 loc) 2.49 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
Basic code to authenticate user profiles and limit access to URLs. #Simples usage ``` const webhandle = require('webhandle') const usersSetup = require('webhandle-users/integrate-with-webhandle') let pretemplate = "app_pre" let posttemplate = "app_post" usersSetup({ app: webhandle, mongoDb: webhandle.dbs.myDBName.db, pretemplate: pretemplate, posttemplate: posttemplate, onLogin: (req, res, next) => { // This is a handle that gets run when a user successully logs in res.redirect('/menu') } }) ``` # Authentication Service The most basic component is the AuthService which saves and verifies users. It takes a set of options and mongo collection. Use like: ``` const AuthService = require('webhandle-user/auth-service') const createUserIfNoneExists = require('webhandle-user/util/create-user-if-none-exists') let authService = new AuthService({ iterations: 100, salt: 'this is unique to the application', algorithm: 'sha256', mongoCollection: my_mongo_collection_object }) createUserIfNoneExists(authService, name, pass, ["group1", "group1"], callback) .... authService.login(name, pass, (err, user) => { // failed login will result in an error being passed }) ``` # Integration There's also a set of code which works with to set user tokens in sessions. The easiest way to hook up all these pieces is (assuming use of webhandle): ``` const webhandleUserIntegrator = require('webhandle-users') let integrator = webhandleUserIntegrator(mongo_db, {}) webhandle.routers.preStatic.use(integrator.createUserInfoLoader()) webhandle.services.authService = integrator.authService ``` This adds a couple methods to the req and res objects to work with users. To create a user session: ``` res.createUserSession('alincoln') ``` To log them out: ``` res.removeUserSession() ``` To access the user information: ``` req.user ``` These sessions are not stored in memory so can be used across a cluster. # Login There's also some basic code for handling login and logout. The file creates a router which has url handlers for `/login` and `/logout`. ``` app.use(require('webhandle-users/handles/create-public-handles')(integrator.authService)) ``` # Authenticating by Group Allow access to `some_router` to any user who is a member of the group `administrators` or a member of the group `editors`. ``` let securedRouter = require('webhandle-users/utils/allow-group')(['administrators', 'editors'], some_router) app.use(securedRouter) ```