
Security News
Crates.io Users Targeted by Phishing Emails
The Rust Security Response WG is warning of phishing emails from rustfoundation.dev targeting crates.io users.
node-identity
Advanced tools
Security Middleware
var identity = require('node-identity');
var request = require('request-json');
var express = require('express');
var app = express();
// Add the security middleware
var identityHost = 'http://localhost:4000';
var identityToken = 'x-bi-joe-auth-token';
app.use(new identity.security(request, identityHost, identityToken));
// Protected routes
app.get('/protected', new identity.authentication(), function(req, res) {
console.log(req.security.authenticated); // outputs true
console.log(req.security.token); // outputs the security token
console.log(req.security.user); // outputs the user object
});
// Authorisation
app.get('/admin', new identity.authorization(['feature-admin']), function(req, res) {
console.log('route only if the feature "feature-admin" is authorized');
});
FAQs
Security Middleware for identity server
We found that node-identity demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The Rust Security Response WG is warning of phishing emails from rustfoundation.dev targeting crates.io users.
Product
Socket now lets you customize pull request alert headers, helping security teams share clear guidance right in PRs to speed reviews and reduce back-and-forth.
Product
Socket's Rust support is moving to Beta: all users can scan Cargo projects and generate SBOMs, including Cargo.toml-only crates, with Rust-aware supply chain checks.