gatekeeper-express
Advanced tools
The one and only Two Factor Authentication Handler for Express.
Tested with Authy and Google Authenticator
npm i gatekeeper-express
npm i lodash express
req.user)'use strict';
const { GateKeeper } = require('gatekeeper-express');
const gateKeeper = new GateKeeper({
prefix: 'App',
length: 64
});
app.use(
ensureLoggedIn(),
gateKeeper.express({
routePathPrefix: '/2fa',
userIdPath: 'email',
onSecret: (req, secret, next) => {
// update database here
req.user.secret = secret;
next();
},
onVerified: (req, next) => {
// update db here
req.user.twoFaVerified = true;
next();
}
})
);
GateKeeper uses res.render('two-fa') to render the page with qr image.
This is an example in Vash. Please adapt it to your app.
<div class="text-center">
<h4 class="h4 text-gray-900 mb-3">Two Factor Authentication</h4>
</div>
<form autocomplete="off" action="@model.verifyUrl" method="POST" class="user">
<input autocomplete="off" name="hidden" type="text" style="display:none;">
@if (model.qrImage) {
<div class="text-center mb-2">
<img src="@model.qrImage">
</div>
}
<div class="form-group">
<input
type="text"
class="form-control form-control-user"
id="token-input"
name="token"
placeholder="Enter verification token...">
</div>
<button class="btn btn-primary btn-user btn-block" type="submit">Verify</button>
</form>
<script>$('#token-input').focus();</script>
You can also use Ajax.
If you request /2fa with Ajax it will send back in JSON: { qrImage: string; verifyUrl: string; }
Do a POST request to verifyUrl and GateKeeper will send back a JSON object with a redirect url to use: { redirect: string; } if needed.
To reset a user's 2-fa, simply delete user.secret.
Made with ❤ at Income Store in Lancaster, PA.
FAQs
The one and only Two Factor Authentication Handler for Express.
The npm package gatekeeper-express receives a total of 2 weekly downloads. As such, gatekeeper-express popularity was classified as not popular.
We found that gatekeeper-express demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
require(esm) backported to Node.js 20, easing the transition to ESM-only packages and reducing complexity for developers as Node 18 nears end-of-life.
Security News
PyPI now supports iOS and Android wheels, making it easier for Python developers to distribute mobile packages.
Security News
Create React App is officially deprecated due to React 19 issues and lack of maintenance—developers should switch to Vite or other modern alternatives.