Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
accountdown
Advanced tools
Readme
manage accounts with leveldb
To create a user, we can just do:
var accountdown = require('accountdown');
var level = require('level');
var db = level('./users.db');
var users = accountdown(db, {
login: { basic: require('accountdown-basic') }
});
var opts = {
login: { basic: { username: 'substack', password: 'beep boop' } },
value: { bio: 'beep boop' }
};
users.create('substack', opts, function (err) {
if (err) return console.error(err);
});
The string we gave to users.create()
need not necessarily match the username
credential. You might want to use a uid
integer for example. In either case
you will get implicitly encforced unique names because if a username already
exists the users.create()
call will fail even if the id
is available and
likewise if an id
is unavailable but a username is available.
To verify a credential (in this case, using accountdown-basic):
var accountdown = require('accountdown');
var level = require('level');
var db = level('./users.db');
var users = accountdown(db, {
login: { basic: require('accountdown-basic') }
});
var creds = { username: 'substack', password: 'beep boop' };
users.verify('basic', creds, function (err, ok, id) {
if (err) return console.error(err)
console.log('ok=', ok);
console.log('id=', id);
});
var accountdown = require('accountdown')
Create a new account instance users
given a leveldb database handle db
and
some options opts
.
opts
can be:
opts.login
- map of type names to login plugin functionsopts.valueEncoding
- value encoding to use, 'json' by defaultCreate a user by an id
.
Challenge credentials creds
for a login type
.
cb(err, ok, id)
fires with an error or the boolean verify status ok
- true
for challenge success and false for challenge failure. On success, the id
associated with challenge credentials, cred
is defined.
Return a readable object stream of row objects with row.key
set to the user id
of each user in the account system.
Get the value for a username by id
as cb(err, value)
.
Put a value
for a username id
. The username id
must already exist.
cb(err)
fires with any errors.
Remote an account by id
, including all login information for that user id.
cb(err)
fires with any errors.
Register a login plugin
at a string name type
.
Add a login for id
of type
using the credentials creds
.
cb(err)
fires with any errors.
Return a readable object stream s
of rows with row.key
set to each string
login type present for the user at id
. For example:
{ key: 'basic' }
{ key: 'rsa' }
Remove a login for id
by its type
.
cb(err)
fires with any errors.
Login plugins such as
accountdown-basic
should export a single function that will be created with db
and prefix
arguments and should return an object with .verify()
and .create()
functions:
module.exports = function (db, prefix) {
return {
verify: function (creds, cb) {
// calls cb(err, success, id)
},
create: function (id, creds) {
// returns an array of batch rows
}
};
};
Check whether creds
are valid login credentials.
cb(err, success, id)
fires with any errors, the success as a boolean, and the
user id
.
Return an array of rows to batch insert if and only if all the keys do not already exist using level-create-batch.
With npm do:
npm install accountdown
MIT
FAQs
persistent accounts backed to leveldb
The npm package accountdown receives a total of 13 weekly downloads. As such, accountdown popularity was classified as not popular.
We found that accountdown demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.