@ssense/jwt-active-directory
Advanced tools
Authorization Middleware and Authenticator for Active Directory and JWT token
There are four ways to pass the token for validation: (1) in the Authorization header, (2) as a cookie, (3) as a POST parameter, and (4) as a URL query parameter. The middleware will look in those places in the order listed and return 401 if it can't find any valid token.
| Method | Format |
|---|---|
| Authorization Header | Authorization: Bearer <token> |
| Cookie | "jwt_token": <token> |
| URL Query Parameter | /protected?access_token=<token> |
| Body Parameter | POST access_token=<token> |
npm install --save @ssense/jwt-active-directory
const authenticator = new Authenticator({
url: 'ldap://127.0.0.1:1389',
baseDN: 'dc=domain,dc=com',
username: 'auth@domain.com',
//username: 'CN=Authenticator,OU=Special Users,DC=domain,DC=com',
password: 'password',
logging: {
name: 'ActiveDirectory',
streams: [
{
level: 'error',
stream: process.stdout
}
]
}
});
authenticator.authenticate('user@domain.com', 'password')
.then(({auth, user, groups}) => {
if (auth) {
const token: string = authenticator.sign({user, groups}, 'no-so-secret-key', {
expiresIn: '1 day'
});
// your script ...
}
})
.catch((err) => {
console.log(err);
});
or you can use authenticateAndSign(email: string, password: string, jwtKey: string, jwtOptions, jwtExtraClaims?: {})
authenticator.authenticateAndSign('user@domain.com', 'password', 'no-so-secret-key', {
expiresIn: '1 day'
},
// Optional claims argument
{
extra: 'payload options',
foo: 'bar',
hello: 'Worl!'
})
.then(({auth, user, groups, token}) => {
console.log('auth', auth);
console.log('user', user);
console.log('groups', groups);
console.log('token', token);
})
.catch((err) => {
console.log(err);
});
import {authenticated} from 'jwt-active-directory';
// ... your code ...
app.get('*', authenticated({
allowed: ['*', 'Group 1', 'Antoher Group Allowed'], // list of groups allowed to enter this route
jwtKey: 'no-so-secret-key' // your jwt secret key
}), (req, res) => {
// your code
// access token with **req.token**
// do what you want we the new generate token
});
Middleware default options
options = {
allowed: [],
jwtKey: null,
queryKey: 'access_token',
bodyKey: 'access_token',
cookieKey: 'jwt_token',
headerKey: 'Bearer',
reqKey: 'token', // req.token
validateGroupKey: 'cn'
};
JWT validation depends only on validating the correct signature and that the token is unexpired.
This project is licensed under the MIT License - see the LICENSE.md file for details.
FAQs
Ssense JWT Active Directory Authenticator
The npm package @ssense/jwt-active-directory receives a total of 0 weekly downloads. As such, @ssense/jwt-active-directory popularity was classified as not popular.
We found that @ssense/jwt-active-directory demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 9 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
AGENTS.md is a fast-growing open format giving AI coding agents a shared, predictable way to understand project setup, style, and workflows.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.