@rss/common-nodejs

@rss/common-nodejs

RSS shared Node.js library for cross cutting concerns.

• axios http helper
• env and secrets loading
• mongo connection
• redis/in-memory cacher
• logger and express logging and error middleware
• passport authentication strategy
• token helper
• shared services like relationships, workflow, etc.

Installation

$ npm install @rss/common-nodejs

Auth

Token Helper

TokenHelper must be initialized before calling methods on it.

const { env, TokenHelper } = require('@rss/common-nodejs');

TokenHelper.initialize({
  tokenClientName: env.TOKEN_CLIENT_NAME,
  tokenClientKey: env.TOKEN_CLIENT_KEY,
  tokenServerURL: env.TOKEN_SERVER_URL,
  redis: { host: env.REDIS_HOST }     // Optional. Ff not provided it will use in memory NodeCache
});

const appClientToken = await TokenHelper.clientToken();

Passport Auth Strategy

The RSS authentication strategy authenticates users using a token passed in on the Authorization request header. The strategy requires a verify callback, which accepts a valid decoded token and calls done providing a user.

passport.use(new Strategy({ tokenHelper: TokenHelper }, (decodedToken, done) => {
    // load user
    const user = decodedToken;
    return done(null, user);
}));

Authenticate Requests

Use passport.authenticate(), specifying the 'rss' strategy, to authenticate requests.

app.post('/api/sample', passport.authenticate('rss', { usage: 'CLIENT', session: false }), (req, res) => {
  res.redirect('/');
});

Token Types

This strategy takes an hash value with the following options

• session - Options, save user to session - should be set to false
• usage - Optional, what token type is acceptable. Default to all but can limit to [CLIENT] or [USER,CLIENT]