A simple yet fast token authorization / authentication method. No need for bulky modules.
This module is lightwight and simply gets straight to the point of creating and authorizing tokens with expiry built in.
| Features | Description |
|---|---|
createToken(payload,secret) | This simply encodes our payload *data* to base 64 and signs the token using hmac sha256 for productive security 2018* |
authToken(token, secret) | This will check the token is valid and that the data has not been tampered with. |
expiry default 9000000 2.5hrs | You can set your own expiry by using createToken(payload,secret,expiry) |
| Authorization: Bearer | This currently works using tokens that contain Bearer, see examples to add this so it will also parse your token if not. |
Install using NPM
npm i fastauth --save
Make sure you are inside the fastauth directory and use
node example/app.js
// Require our module.
const auth = require('fastauth');
let secret = '3748238949jkfndkcvniwe733' // Please use a secure secret.
userID = '1',
userName = 'AdminTest',
email = 'admin@test.com',
custom = 'custom',
expiry = 3000000,
payload = `
"user": {
"_id":"${userID}",
"username":"${userName}",
"email":"${email}",
"custom":"${custom}"
}`;
let token = auth.createToken(payload, secret);
console.log(`Your token has been created: Bearer ${token}`);
ewogICAgInVzZXIiOiB7CiAgICAgICAgIl9pZCI6IjEiLAogICAgICAgICJ1c2VybmFtZSI6IkFkbWluVGVzdCIsCiAgICAgICAgImVtYWlsIjoiYWRtaW5AdGVzdC5jb20iLAogICAgICAgICJjdXN0b20iOiJjdXN0b20iCiAgICB9LCJpYXQiOjE1NDQ3OTU3NTY5MjYsCiAgICAgICAgICAgICAgICAgICAgICAgICAgICJleHAiOjE1NDQ3OTg3NTY5MjYKICAgICAgICB9.Hwv18Lpc7QSd/RVROVbWhIMnVDmsB+uPsepeLjbycTE=
// Require our module.
const auth = require('fastauth');
let token = req.headers['authorization']; // OR
// If the token has does not have Bearer use
let token = `Bearer ${token from req}`;
let isAuth = auth.authToken(checkToken, secret);
// If isAuth...
if(isAuth)
// Do stuff after the token has been verified.
console.log(`You're token is valid! Data: ${token}`);
else
// Invalid token.
console.log(`Invalid Token!`);
v1.0.4 -- This is the first stable release.
Possibly improve some of the code Improve the readme / doc, to better undersand the function.
Feedback and improvments are always appreciated and help us to improve so please leave some!
Licensed under MIT.
FAQs
A simple yet fast token authorization / authentication method. No need for bulky modules.
We found that fastauth demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
OpenAI rotated macOS signing certificates after a malicious Axios package reached its CI pipeline in a broader software supply chain attack.
Security News
Open source is under attack because of how much value it creates. It has been the foundation of every major software innovation for the last three decades. This is not the time to walk away from it.
Security News
Socket CEO Feross Aboukhadijeh breaks down how North Korea hijacked Axios and what it means for the future of software supply chain security.