@futoin/security
Advanced tools
FutoIn Security Concept is alternative to token based authentication & authorization mechanisms.
Features:
Documentation --> FutoIn Guide
Reference implementation of:
Author: Andrey Galkin
Command line:
$ npm install @futoin/security --save
or:
$ yarn add @futoin/security --save
FTN8: Cached Manage Service
Manage Face
FTN8: main Manage Service
FTN8.2: Master Auth Face
FTN8.2: Master Auth Service
FTN8.2: Master Auth Auto-registration Face
FTN8.2: Master Auth Auto-registration Service
FTN8.2: Master Auth Manage Face
FTN8.2: Master Auth Manage Service
All-in-one AuthService initialization
Simple passthru FTN8 security provider for Executor.
NOTE: it's suitable for lightweight services without own SecVault.
FTN8.1: Stateless AuthService Face
Manage Service
FTN8.1: Stateless Manage Face
FTN8.1.: Stateless Manage Service
MasterAuth implementation for AdvancedCCM with static Master Key
NOTE: this implementation rotates only derived keys
Base Face with neutral common registration functionality
Base Service with common registration logic
FTN8: Cached Manage Service
C-tor
| Param | Type | Default | Description |
|---|---|---|---|
| scope | object | scope of related services | |
| options | object | passed to superclass c-tor | |
| options.scope | integer | main.globalScope | scope state |
Manage Face
FTN8: main Manage Service
FTN8.2: Master Auth Face
FTN8.2: Master Auth Service
FTN8.2: Master Auth Auto-registration Face
FTN8.2: Master Auth Auto-registration Service
FTN8.2: Master Auth Manage Face
FTN8.2: Master Auth Manage Service
All-in-one AuthService initialization
Kind: global class
AdvancedCCMExecutorC-tor
| Param | Type | Default | Description |
|---|---|---|---|
| as | AsyncSteps | AsyncSteps interface | |
| options | object | {} | options |
| [options.ccm] | AdvancedCCM | external CCM instance | |
| [options.publicExecutor] | Executor | external public executor instance | |
| [options.privateExecutor] | Executor | external private executor instance | |
| [options.storagePassword] | string | Base64 encoded KEK for storage | |
| [options.config] | object | config overrides for MasterService | |
| [options.ccmOptions] | object | auto-CCM options | |
| [options.notExpectedHandler] | callable | 'notExpected' error handler | |
| [options.privateExecutorOptions] | object | private auto-Executor options | |
| [options.publicExecutorOptions] | object | public auto-Executor options | |
| [options.evtOptions] | object | eventstream options | |
| [options.secVaultOptions] | object | secure vault options | |
| [options.securityOptions] | object | security interface options |
AdvancedCCMCCM instance accessor
Kind: instance method of ServiceApp
Returns: AdvancedCCM - instance
ExecutorExecutor instance accessor
Kind: instance method of ServiceApp
Returns: Executor - instance
Shutdown of app and related instances
Kind: instance method of ServiceApp
| Param | Type | Default | Description |
|---|---|---|---|
| [done] | callable | | done callback |
Simple passthru FTN8 security provider for Executor.
NOTE: it's suitable for lightweight services without own SecVault.
FTN8.1: Stateless AuthService Face
Manage Service
FTN8.1: Stateless Manage Face
FTN8.1.: Stateless Manage Service
MasterAuth implementation for AdvancedCCM with static Master Key
NOTE: this implementation rotates only derived keys
C-tor
| Param | Type | Default | Description |
|---|---|---|---|
| options | object | Options | |
| keyId | string | master key ID | |
| keyData | string | master key data in Base64 | |
| [paramFormat] | string | "YYYYMMDD" | format for derivation parameter |
| [kds] | string | "HKDF256" | key derivation strategy |
| [macAlgo] | string | "HS256" | MAC algorithm |
Base Face with neutral common registration functionality
Kind: global class
Note: Not official API
Latest supported FTN13 version
Kind: static property of BaseFace
Latest supported FTN4 version
Kind: static property of BaseFace
CCM registration helper
Kind: static method of BaseFace
| Param | Type | Default | Description |
|---|---|---|---|
| as | AsyncSteps | steps interface | |
| ccm | AdvancedCCM | CCM instance | |
| name | string | CCM registration name | |
| endpoint | * | see AdvancedCCM#register | |
| [credentials] | * | | see AdvancedCCM#register |
| [options] | object | {} | interface options |
| [options.version] | string | "1.0" | interface version to use |
Base Service with common registration logic
Kind: global class
C-tor
| Param | Type | Description |
|---|---|---|
| scope | object | scope of related services |
| options | object | passed to superclass c-tor |
BaseServiceRegister Service with Executor
Kind: static method of BaseService
Returns: BaseService - instance
| Param | Type | Description |
|---|---|---|
| as | AsyncSteps | steps interface |
| executor | Executor | executor instance |
| scope | object | scope of related services |
| options | object | implementation defined options |
FAQs
FutoIn Security Concept reference implementation
We found that @futoin/security demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A malicious Chrome extension steals newly created MEXC API keys, exfiltrates them to Telegram, and enables full account takeover with trading and withdrawal rights.
Security News
CVE disclosures hit a record 48,185 in 2025, driven largely by vulnerabilities in third-party WordPress plugins.
Security News
Socket CEO Feross Aboukhadijeh joins Insecure Agents to discuss CVE remediation and why supply chain attacks require a different security approach.