tala-express
Advanced tools
A lightweight nodejs package for adding authorization system on your express app.
Install this package with npm or yarn
npm install tala-express
yarn add tala-express
Initializes the tala.
setTala(dbConn, configuration);
| Parameter | Type | Description |
|---|---|---|
dbConn | object | Required. mysql2 connection or pool, or mongoose |
configuration | object | Required. Options are described in the configuration section |
Generates token for an user. Use this to generate token after login is succeed. This token needs to be sent as Authorization header or cookie to verify a request.
genToken(req, userId);
| Parameter | Type | Description |
|---|---|---|
req | object | Required. Current request object of express |
userId | int or string | Required. For whom the token will be generated |
This function returns a middleware that makes sure a request is authorized.
And if it's authorized then adds userId, accessToken and user attributes
to the request object. user attribute will be populated from userModel
table (mysql) or model(mongoose) provided in the configuration object.
ensureUser(callback, ignores);
| Parameter | Type | Description |
|---|---|---|
callback | object | Required. The function to be called when a request is not authorized |
ignores | string, array, regex | Routes, for which this check can be omitted |
reqand resstring, regex or array of both to ignore this check for app.use(ensureUser((req, res)=>{
res.status(401).send('Unauthoried request.');
}, ['/login', '/register']));
Removes a token from the database.
revokeToken(userId, token)
| Parameter | Type | Description |
|---|---|---|
userId | string or int | Required. User id of the token |
token | string | Required. The token to be removed |
Returns an array of tokens that the given user posseses.
getOfUser(userId, page);
| Parameter | Type | Description |
|---|---|---|
userId | string or int | Required. User id of the user |
page | int | Page number for pagination |
Returns an array of users that a token posseses. This is helpful for logging into multiple accounts from a single device.
getOfToken(token, page);
| Parameter | Type | Description |
|---|---|---|
token | string | Required. The token |
page | int | Page number for pagination |
import { createPool } from 'mysql2/promise';
import { setTala, genToken, ensureUser, attachUser } from 'tala-express';
import express from 'express';
const dbConn = createPool({
host: "localhost",
user: "root",
password: "",
database: "test",
});
setTala(dbConn, {
promise: true
});
const app = express();
const authChecker = ensureUser(
(req, res)=>{
/**
* This will get called if user is not authorized
*/
res.status(401).send('Unauthorized request!');
},
'/login' /* Paths to be skipped from this check. array, string or regex */
);
const authCheckerApi = ensureUser(
(req, res)=>{
res.status(401).send({
success: false,
error: 'Unauthorized request!'
});
},
['/api/login', '/api/register', /^\/api\/guest\//]
);
app.use(/^(?!\/api\/)/, authChecker);
app.use(/^(\/api\/)/, authCheckerApi);
app.post('/login', (req, res)=>{
if(req.userId){
//User is already logged in;
res.send(req.user);
return;
}
//DO your password check
const token = genToken(req, user_id);
//Either you can set this as cookie or send with request header
});
app.listen(3000, ()=>{
console.log('Server started at port 3000');
});
setTala(dbConnection, { //mysql2 connection or pool
promise: false, //true if connection is promise (mysql2 only)
cookie: {
name: 'user_key',
signed: false //true if cookies are signed
},
header: 'Authorization', //The header name by which token will be sent
/**
* Provide table name for mysql2 or model for mongoose to
* add a user property containing user info in req object
*/
userModel: false,
/**
* coloumn names or fields you want to get from users table
* In case of mysql2 provide array of fields
* or a direct string as: "full_name as name, COUNT(id) AS any_count"
* And in case of mongoose provide space separated names as: "name age another_field"
*/
populate: false,
/**
* coloumn names or fields you want to get from users table
* In case of mysql2 provide array of fields
* or a direct string as: "full_name as name, COUNT(id) AS any_count"
* And in case of mongoose provide space separated names as: "name age another_field"
*/
foreignKey: 'id', //id column name in the userModel table
});
FAQs
A lightweight authorization package for express app
The npm package tala-express receives a total of 1 weekly downloads. As such, tala-express popularity was classified as not popular.
We found that tala-express demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.
Security News
CISA’s 2025 draft SBOM guidance adds new fields like hashes, licenses, and tool metadata to make software inventories more actionable.