# moneypenny - Authentication Client

Moneypenny acts as an authentication service that offers multiple authentication strategies to a backend service and responds with a JSON Web Token (JWT) encrypted using a shared secret.

Other services in the architecture should also know the shared secret, which allows the token to be passed around in API calls to provide the user information related to the request.
## Authenticated User

After a user is authenticated with moneypenny, the user is attached to the Express request as `req.user`, and the user's token is attached to the user as `req.user.token`.

For the sake of security, a developer using this service should endeavour not to pass the token outside their controlled ecosystem; for example, remove the token from the object before sending the user to the browser.
## Authenticating the next Request

To authenticate a request against another moneypenny server, forward the token to that service; moneypenny-client uses passport-localapikey for this. You can attach the token either as a query parameter `apikey` or as a header `apikey`. The next service will then attempt to decrypt that user using either the public key or the shared secret; if that succeeds, the user is authenticated for that request.
This project connects to the moneypenny server