Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@tuagye/swagger-auth-middleware

Package Overview
Dependencies
Maintainers
0
Versions
4
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@tuagye/swagger-auth-middleware

Flexible authentication middleware for Swagger UI

1.0.1
latest
Source
npmnpm
Version published
Weekly downloads
0
-100%
Maintainers
0
Weekly downloads
 
Created
Source

@tuagye/swagger-auth-middleware

A flexible, secure authentication middleware for Swagger UI in Express applications.

Features

  • Easy to set up and use
  • Supports multiple users
  • Uses bcrypt for secure password hashing
  • Option to use raw passwords for development environments
  • Utility functions for password hashing
  • TypeScript support

Installation

npm install @tuagye/swagger-auth-middleware

yarn add @tuagye/swagger-auth-middleware

Usage

  • Set up your environment variable:
SWAGGER_USERS={"admin":"$2b$10$X7oVmW5nqc4FN1v0fz4/pOKz5LYcRpJQgclVhuhQH9RZxOvMQ5hEe","developer":"$2b$10$6QKtDtlVcx1XhF8L5y1gJeR5X5.xdxCEBi0eXqCTf2NYBp2G6atwu"}
  • Import and use the middleware:
import express from "express";
import swaggerUi from "swagger-ui-express";
import swaggerDocument from "./swagger.json";
import createAuthMiddleware from "@tuagye/swagger-auth-middleware";

const app = express();

const authMiddleware = createAuthMiddleware();
app.use(
  "/api-docs",
  authMiddleware,
  swaggerUi.serve,
  swaggerUi.setup(swaggerDocument)
);
  • (Optional) Use raw passwords for development:
const authMiddleware = createAuthMiddleware({ useRawPasswords: true });

Generating Password Hashes

You can use the provided utility functions to generate password hashes:

import {
  generatePasswordHash,
  generateUserObject,
} from "@tuagye/swagger-auth-middleware/passwordUtils";

// Generate a single password hash
async function hashSinglePassword() {
  const hash = await generatePasswordHash("your-password-here");
  console.log(hash);
}

// Generate a user object with hashed passwords
async function generateUsers() {
  const users = {
    admin: "admin-password",
    developer: "dev-password",
  };
  const hashedUsers = await generateUserObject(users);
  console.log(JSON.stringify(hashedUsers));
}

hashSinglePassword();
generateUsers();

Security Note

Always use environment variables to store your SWAGGER_USERS configuration. Never commit sensitive information to your repository. Use the useRawPasswords option only in secure development environments.

License

MIT

Keywords

swagger
authentication
middleware
express

FAQs

Package last updated on 31 Aug 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Nx Investigation Reveals GitHub Actions Workflow Exploit Led to npm Token Theft, Prompting Switch to Trusted Publishing

Security News

Nx Investigation Reveals GitHub Actions Workflow Exploit Led to npm Token Theft, Prompting Switch to Trusted Publishing

Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.

By Sarah Gooding  -  Sep 03, 2025
SocketSocket SOC 2 Logo

Product

About

Packages

Explore npm
Explore Cargo
Explore Go
Explore Maven
Explore NuGet
Explore PyPI
Explore Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc

U.S. Patent No. 12,346,443 & 12,314,394. Other pending.