@rss/common-nodejs

@rss/common-nodejs

RSS shared Node.js library for cross cutting concerns.

• axios http helper
• env and secrets loading
• mongo connection
• redis/in-memory cacher
• logger and express logging and error middleware
• openid client
• openid helper
• openid strategy
• passport authentication strategy
• start child process
• shared services like relationships, workflow, etc.

Installation

$ npm install @rss/common-nodejs

Auth

OpenId Client

openIdClient must be initialized before calling any other rss apps.

const { env, secret, openIdClient } = require('@rss/common-nodejs');
await openIdClient.init(env.OPENID_URL, { client_id: secret.CLIENT_ID, client_secret: secret.CLIENT_SECRET });

const accessToken = await openIdClient.accessToken();

Passport Auth Strategy

The RSS authentication strategy authenticates users using a token passed in on the Authorization request header. The strategy requires a verify callback, which accepts a valid decoded token and calls done providing a user.

passport.use(
  openIdStrategy(env.OPENID_URL, (red, claim, done) => {
    done(null, claim);
  }),
);

Authenticate Requests

Use passport.authenticate(), specifying the 'jwt' strategy, to authenticate requests.

app.use(passport.authenticate('jwt', { session: false }));
app.use('/api/sample', authz(['SCOPE']), require('./sample.routes'));

Token Types

This strategy takes an hash value with the following options

• session - Options, save user to session - should be set to false