authboot
A simple slay
preboot that initializes an authboot
namespaced lookup
function
and middeware
on the app object to be used within the application. Its meant
to wrap up some configuration conventions to be more easily reused in multiple
slay applications without duplicating code unnecessarily.
The purpose of this library is to simply wrap an auth middleware (currently basic-auth based)
and give a mechanism for async validation of that auth. We support
properties of express-basic-auth
as configuration. The lookup
function
replaces the authorizer function with a slightly tweaked API which we will cover
below.
install
npm install authboot --save
API
users
- Object
The users
object we give contains assumptions if you are not passing in your
own lookup
function. Those assumptions is that that each key
must be the
username for your authorized users while the value must be a hexidecimal
encoding of the sha256
hash of the password. This ensures we are following security best practices even
when this information is loaded in memory from an encrypted config.
lookup({ name, password }, callback)
Function to override the default behavior of using the users
object as
a direct comparison map for who is authorized and using the provided algorithm to
compare the given password with the hash
we have stored as part of the users
object.
challenge
Boolean
Indicating whether we will send a challenge response for browser based requests.
realm
String
The realm given for the service for browser storage of basic auth.
algorithm
String
The algorithm given to crypto
when creating a hash
.
usage
Example #1
module.exports = function (app, opts, callback) {
app.preboot(require('authboot')({
users: {
name: 'hexOfSHA256HashOfPassword'
},
challenge: true,
realm: 'myservicerealm'
}));
callback();
};
module.exports = function (app, options, callback) {
app.use(app.authboot.middleware);
};
Example #2
const db = require('./db');
const verify = require('./verify');
module.exports = function (app, opts, callback) {
app.preboot(require('authboot')({
lookup: ({ user, password }, callback) => {
db.users.get(user, (err, user) => {
if (err) return callback(err);
verify.password(user.passwordHash, password, callback);
});
},
challenge: true,
realm: 'myservicerealm'
}));
callback();
};
const db = require('./db');
module.exports = function (app, options, callback) {
app.routes.get('/resource', app.authboot.middleware, (req, res, next) => {
db.resource.get(req.params, (err, resource) => {
if (err) return next(err);
res.status(200).json(resource);
})
});
};
test
npm test