@tanker/fake-authentication
Advanced tools
This package aims at reducing the friction when starting new projects, by delaying the integration of Tanker Identity in your application server. It interacts with a Tanker server, that stores private identities.
Note that this package must not be used in production because the returned private identities are not protected. In a production application, your application server should only return private identities through an authenticated route.
import FakeAuthentication from '@tanker/fake-authentication';
const fakeAuth = new FakeAuthentication({ appId });
getPrivateIdentity() returns the private identity associated with the provided email. If the email does not exist, a new private identity is created and stored for reuse. It is guaranteed that this function will always return the same private identity given an email.
If getPublicIdentities() was called before getPrivateIdentity() for a given email, the private identity returned by getPrivateIdentity() also contains a provisional identity. This provisional identity may have been used to share with that email before it was registered with Tanker. Note that the provisional identity must be associated with the private identity (either automatically with VerificationUI or using attachProvisionalIdentity()) to enable access to the resources shared with the provisional identity.
const email = 'alice@example.com';
const privateIdentity = await fakeAuth.getPrivateIdentity(email);
getPublicIdentities() returns an array of public identities from an array of emails. The order of the returned public identities is guaranteed to match the order of the provided emails.
const emails = ['alice@example.com', 'bob@company.com'];
const publicIdentities = await fakeAuth.getPublicIdentities(emails);
// then use with Tanker
await tanker.encrypt(someData, { shareWithUsers: publicIdentities });
const email = 'alice@example.com';
const privateIdentity = await fakeAuth.getPrivateIdentity(email);
const { permanentIdentity, provisionalIdentity } = privateIdentity;
const status = await tanker.start(permanentIdentity);
switch(status) {
case 'IDENTITY_REGISTRATION_NEEDED': {
const verificationCode = await promptUserInput(); // See @tanker/identity
await tanker.registerIdentity({ email, verificationCode });
await tanker.attachProvisionalIdentity(provisionalIdentity);
break;
}
case 'IDENTITY_VERIFICATION_NEEDED': {
const verificationCode = await promptUserInput(); // See @tanker/identity
await tanker.verifyIdentity({ email, verificationCode });
break;
}
}
const email = 'alice@example.com';
const privateIdentity = await fakeAuth.getPrivateIdentity(email);
const { permanentIdentity, provisionalIdentity } = privateIdentity;
const tanker = new Tanker(config);
// The verification UI will start Tanker
const verificationUI = new VerificationUI(tanker);
await verificationUI.start(email, permanentIdentity, provisionalIdentity);
// Once start is done, Tanker is in a ready state
FAQs
Tanker fake-authentication SDK
We found that @tanker/fake-authentication demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
Application Security
/Research
/Security News
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.
Research
/Security News
Malicious update to @ctrl/tinycolor on npm is part of a supply-chain attack hitting 40+ packages across maintainers