Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@sumor/token-middleware

Package Overview
Dependencies
Maintainers
0
Versions
3
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@sumor/token-middleware

A token middleware for ExpressJS.

  • 1.0.1
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
42K
decreased by-34.97%
Maintainers
0
Weekly downloads
 
Created
Source

token-middleware

A Sumor Cloud Tool.
More Documentation

A token middleware for ExpressJS.

CI Test Coverage Audit

Installation

npm i @sumor/token-middleware --save

Prerequisites

Node.JS version

Require Node.JS version 18.x or above

require Node.JS ES module

As this package is written in ES module, please change the following code in your package.json file:

{
  "type": "module"
}

Usage

Add token middleware to ExpressJS App

import express from 'express'
import tokenMiddleware from '@sumor/token-middleware'

const app = express()
app.use(tokenMiddleware)

// load token
app.use(async (req, res, next) => {
  const tokenId = req.token.id
  const tokenInfo = await fetchToken(tokenId)
  req.token.user = tokenInfo.user
  req.token.data = tokenInfo.data
  req.token.permission = tokenInfo.permission
  next()
})

// set token
app.get('/login', async (req, res) => {
  const username = req.query.username
  const password = req.query.password
  req.token.id = await createToken(username, password)
  // it will automatic add token to response header cookie 't'
  res.send('Login Success')
})

// use token
app.get('/api', (req, res) => {
  // check permission
  req.token.check('AUTH1')

  res.send('Hello World')
})

permission check

// get permission
req.token.permission = {
  AUTH1: ['READ', 'WRITE'],
  AUTH2: ['READ']
}
const hasAuth1 = req.token.has('AUTH1') // true
const hasAuth2 = req.token.has('AUTH2') // true
const hasAuth3 = req.token.has('AUTH3') // false

const hasAuth1Read = req.token.has('AUTH1', 'READ') // true
const hasAuth1Write = req.token.has('AUTH1', 'WRITE') // true
const hasAuth2Read = req.token.has('AUTH2', 'READ') // true
const hasAuth2Write = req.token.has('AUTH2', 'WRITE') // false

// check permission
req.token.check('AUTH1') // pass
req.token.check('AUTH2') // pass
req.token.check('AUTH3') // throw Error PERMISSION_DENIED Permission denied: AUTH3
req.token.check('AUTH1', 'READ') // pass
req.token.check('AUTH1', 'WRITE') // pass
req.token.check('AUTH2', 'READ') // pass
req.token.check('AUTH2', 'WRITE') // throw Error PERMISSION_DENIED Permission denied: AUTH2=WRITE

Keywords

FAQs

Package last updated on 02 Sep 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc