New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
bearer - npm Package Compare versions
Comparing version 0.0.3 to 0.0.4
| { | ||
| "name": "bearer", | ||
| "version": "0.0.3", | ||
| "version": "0.0.4", | ||
| "description": "Bearer authentication module using token and Authorization HTTP header", | ||
@@ -5,0 +5,0 @@ "main": "bearer.js", |
@@ -1,4 +0,50 @@ | ||
| bearerjs | ||
| BearerJS | ||
| ======== | ||
| NodeJS module for Bearer/Token authentication | ||
| NodeJS/ExpressJS module for Bearer/Token authentication. | ||
| Usage | ||
| ===== | ||
| In your ExpressJS application init script, add the following before setting any other route: | ||
| var bearer = require('bearer'); | ||
| var app = express(); | ||
| bearer({ | ||
| //Make sure to pass in the app (express) object so we can set routes | ||
| app:app, | ||
| //Please change server key for your own safety! | ||
| serverKey:"12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678", | ||
| tokenUrl:'/token', //Call this URL to get your token. Accepts only POST method | ||
| createToken:function(req){ | ||
| //If your user is not valid just return "underfined" from this method. | ||
| var username=req.body.username; | ||
| var userValid=true; //You are aware that this is where you check username/password in your DB, right!? | ||
| if (userValid) return({ | ||
| expire: moment(Date.now()).add('days', 1).format('YYYY-MM-DD HH:mm:ss'), | ||
| username: username, | ||
| contentType: req.get('Content-Type'), | ||
| ip: req.ip, | ||
| userAgent: req.header('user-agent'), | ||
| custom_id: '55555', | ||
| another: 'Some data you need in your token', | ||
| moreData: 'Some more data you need' | ||
| }); | ||
| return undefined; | ||
| }, | ||
| validateToken:function(req, token){ | ||
| //you could also check if request came from same IP using req.ip==token.ip for example | ||
| if (token){ | ||
| return moment(token.expire)>moment(new Date()); | ||
| } | ||
| return false; | ||
| }, | ||
| afterAuthorized:function(token){ | ||
| //This is in case you would like to check user account status in DB each time he attempts to do something. | ||
| //Doing this will affect your performance but its your choice if you really need it | ||
| //Returning false from this method will reject user even if his token is OK | ||
| return true; | ||
| }, | ||
| secureRoutes:[ | ||
| {url:'/users', method:'get'} | ||
| ] | ||
| }); |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by45.78%
6318
- Number of lines in readme file
- increased by920%
51
No dependency changes