New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

auth-interceptor-lib

Package Overview
Dependencies
Maintainers
0
Versions
69
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

auth-interceptor-lib

Middleware for authentication using a token provider. This middleware validates the authentication token by comparing it with the defined protected routes. Additionally, it uses a global logger to record information about unauthorized requests.

latest
npmnpm
Version
11.22.2
Version published
Maintainers
0
Created
Source

AuthInterceptor

Middleware for authentication using a token provider. This middleware validates the authentication token by comparing it with the defined protected routes. Additionally, it uses a global logger to record information about unauthorized requests.

Parameters

TokenProvider

  • Type: AuthProviderInterface
  • Description: Implementation of the token provider. Examples of implementations include CognitoProvider.

ConsoleLogger

  • Type: LoggerInterface
  • Description: Logger instance used to record logs in the system.

Functionality

  • Initializes the global logger using LoggerSingleton.initialize(ConsoleLogger).
  • Checks if the current route is a public route. If it is, access is allowed directly.
  • Validates the token provided in the authorization header.
  • If the token is invalid:
    • Uses the logger to record the unauthorized attempt.
    • Returns a response with the status 401 Unauthorized.
  • If the token is valid:
    • Allows the request to continue by calling next().

Return

A middleware function compatible with frameworks like Express.

Usage Example with Express

import ConsoleLogger from './logger/console.logger';
import express from 'express';
import AuthInterceptor, { CognitoProvider } from 'auth-interceptor-lib';

const app = express();

// Initialize the global logger, type LoggerInterface exported by: import { LoggerInterface } from 'auth-interceptor-lib'
const logger = new ConsoleLogger();

// Initialize the AuthInterceptor with the TokenProvider and Logger
const authMiddleware = AuthInterceptor(new CognitoProvider(), logger);

// Use the middleware in the application
app.use(authMiddleware);

Usage Example with NestJS

import { MiddlewareConsumer, Module, NestModule } from '@nestjs/common'
import AuthProvider, { CognitoProvider } from 'auth-interceptor-lib';
import { ConsoleLogger } from '@/@core/infra/middlewares/logger';

@Module({
  imports: [],
  providers: [],
})

export class AppModule implements NestModule {
  configure(consumer: MiddlewareConsumer) {
    const userPoolId = process.env.USER_POOL_ID || '';
    if (!userPoolId) {
      throw new Error('USER_POOL_ID is not set in the environment variables.');
    }
    consumer
      .apply(AuthProvider(new CognitoProvider(userPoolId), new ConsoleLogger()))
      .forRoutes('*');
  }
}

FAQs

Package last updated on 09 Dec 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Security News

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.

By Sarah Gooding  -  Apr 03, 2026