@nymdev/express-nymag-user
Advanced tools
Comparing version 1.0.0 to 1.0.1
{ | ||
"name": "@nymdev/express-nymag-user", | ||
"version": "1.0.0", | ||
"version": "1.0.1", | ||
"description": "Handles in-house user identification as middleware for express via a cookie", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -7,10 +7,10 @@ Express NYMag User | ||
Domain can be set in the options, or with environment variables like: | ||
All authorization logic is encapsulated in the implementation of isProtected. | ||
```bash | ||
export BLOCK_DOMAIN=your_domain1.biz,your_domain1.biz | ||
``` | ||
NOTE: Use with care. It's the same as user's volunteering their own username, and is not auth. Temporary until OAuth. | ||
## Setup | ||
If redirect_to does not retun valid url (e.g. if host is not defined) and the request should be blocked, the middleware protects via 403. | ||
## Usage | ||
@@ -25,3 +25,2 @@ | ||
app.use(expressNYMagUser({ | ||
blockDomains: ['your_domain.biz'], | ||
redirectTo: function (originalUrl) { | ||
@@ -28,0 +27,0 @@ return authServer + encodeURIComponent(originalUrl); |
10461
38