New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
bearer - npm Package Compare versions
Comparing version 0.0.5 to 0.0.6
| { | ||
| "name": "bearer", | ||
| "version": "0.0.5", | ||
| "version": "0.0.6", | ||
| "description": "Bearer authentication module using token and Authorization HTTP header", | ||
@@ -5,0 +5,0 @@ "main": "bearer.js", |
@@ -5,7 +5,11 @@ BearerJS | ||
| NodeJS/ExpressJS module for Bearer/Token authentication. | ||
| Often used for RESTful API, Smartphones etc to authenticate users without active session | ||
| Usage | ||
| ===== | ||
| In your ExpressJS application init script, add the following before setting any other route: | ||
| On your NodeJS app | ||
| ------------------ | ||
| In your ExpressJS application init script, add the following before setting any other route. You will notice that you are free to create token content as you like. | ||
| ```javascript | ||
@@ -54,1 +58,32 @@ var bearer = require('bearer'); | ||
| ``` | ||
| Settings passed to BearerJS: | ||
| * app: Your expressJS app object. We will add one route (default /token) and middleware for processing requests to it | ||
| * serverKey: This is token encryption key. PLEASE PLEASE chnage it in your application | ||
| * tokenURL: We will add this route for POST method as end point for user authentication to generate token | ||
| * createToken: Use this function to generate any token content you might need. Token will be encrypted and sent back as response from tokenURL request | ||
| * validateToken: This method will provide you with decrypted token from request. Use it wizely to verify that it is ok | ||
| * afterAuthorized: Sometimes you will not want to rely only on token validation. Once request is validated using token, you do additional check (perhaps check status in db etc.) | ||
| * secureRoutes: Just add routes you want to have secured | ||
| On your Client app | ||
| ------------------ | ||
| You need to get your token first. Probably during application startup or login | ||
| POST http://yoururl/token | ||
| Use whatever x-www-form-urlencoded parameters that your "createToken" function will use to validate user credentials and create token. | ||
| When you get back response containing token similar to: | ||
| ```javascript | ||
| { | ||
| "access_token": "U2FsdGVkX1+xSwd3f8WPCmM4WDOuZB1jblNArZEP/iKUu/ZF3+i9RZxGZuR5wnaMxw2wUjf4KbNQMjLderxDSTro2W9r7dbadltV+W1PbX3KTm5hbz4XYCdS7E4rlEALaKIBNyFyaBF9j8R+OpHEnddehW6pOAMfRmPPMqpfe20iIqdm3og+KZEU75qPXKZN04+XZGJFKpv557km0iF2KIBsYl4BrdeinJE4fU5wjvZMdv/C8u/hfRfFZZAGv9RC9TfEdD1HDvEynvtzwESuxdiqCOu6KPM4QoFTLHEo8Aj40WyoYEMFYPJOMI2fycej9SR5CcR/RJJFU6Q+IfKJ6cZIijpPnF6oYDqI/XbQYBV2fCEO3oTJeNxhaYpZaVBbRqV+AKasIGMonBK3rSeiHlPu9wLkfa6vZbDPqhKmZrAE6JrO8oaJJqogbu4TXu37Jw2qRLd0Z9IdZQT9EjjJPUJTfSljbM5YS3mLTfn+pjQ=", | ||
| "expDate": "2014-06-18 22:52:23" | ||
| } | ||
| ``` | ||
| You can use it in subsequential requests as part of your HTTP Header (dont forget the "Bearer " prefix) | ||
| Authorization=Bearer U2FsdGVkX1+xSwd3f8WPCmM4WDOuZB1jblNArZEP/iKUu/ZF3+i9RZxGZuR5wnaMxw2wUjf4KbNQMjLderxDSTro2W9r7dbadltV+W1PbX3KTm5hbz4XYCdS7E4rlEALaKIBNyFyaBF9j8R+OpHEnddehW6pOAMfRmPPMqpfe20iIqdm3og+KZEU75qPXKZN04+XZGJFKpv557km0iF2KIBsYl4BrdeinJE4fU5wjvZMdv/C8u/hfRfFZZAGv9RC9TfEdD1HDvEynvtzwESuxdiqCOu6KPM4QoFTLHEo8Aj40WyoYEMFYPJOMI2fycej9SR5CcR/RJJFU6Q+IfKJ6cZIijpPnF6oYDqI/XbQYBV2fCEO3oTJeNxhaYpZaVBbRqV+AKasIGMonBK3rSeiHlPu9wLkfa6vZbDPqhKmZrAE6JrO8oaJJqogbu4TXu37Jw2qRLd0Z9IdZQT9EjjJPUJTfSljbM5YS3mLTfn+pjQ= | ||
No alert changes
Improved metrics
- Total package byte prevSize
- increased by41.26%
8953
- Number of lines in readme file
- increased by66.04%
88
No dependency changes