@acastellon/auth

1.0.20 • Public • Published

auth

Authentication Control System for microservices that uses a combination of NTLM + LDAP + JWT to check the security

usage

module.exports = {
    url: 'ldaps://<address>:636'
    ,DOMAIN : '<domain>'
    ,baseDN: '<baseDN>'
    ,username: '<user-ldap>'
    ,password: '<password>'
    
    ,tlsOptions: {
            ca: '<path/andfile/to/ca/certificate>',
            rejectUnauthorized: false,
    }
    ,NTLM_DEBUG: false // to activate log messages 
    ,NTLM_OPTIONS: true // to activate configuration from tlsOptions or use the default if it's false
    ,NTLM_LDAP: false // to enable/disable request to ldap module automatically for each NTLM request 
    ,NTLM_PATH : '*' // path to be controlled by NTLM, by default is '*" all paths
    ,CNAME: 'dev.example.com'
    
    ,passToken: '<passphrase-optional>'  /* if doesn't exists the module generates ones automatically */
    ,EXPIRES: 86400                     /* JWT expires in 24 hours */
    
    ,MOCKUP_USERS : ['acastellon','lskywalker']
    ,MOCKUP_ROLES : ['User','Admin']
    ,ROLES : {
        'User': 'GI RD USER '
        , 'Admin': 'GI RD  ADMINISTRATOR '
        , 'Viewer': 'GI RD  VIEWER '
    }
}


const auth      = require('@acastellon/auth')(def_auth);

In case of Authentication based in NTLM (normally is related to the Server Web FrontEnd), use:.

 auth.setNTLMAuth(app);

In case of Authentication based in JWT use:

 auth.validateToken(app);

Uses an internal cache to avoid continues queries to the LDAP server.

@TODO: update the cache when throws the expiration of the token.      

Values in Header created:

  x-access-token        - JWT generated 
  is-authenticated      - a flag if it was validated already for ldap 
  auth-user             - name of the user validated

Note: In order to increase the Security (if it's required) we could use the following techniques:

  • reduce the expiration time for the tokens
  • create a hash with : < users >: < passwordToken-autogenerated >

all in order that practically every request contain a new token (but this tech. decrease the performance)

Package Sidebar

Install

npm i @acastellon/auth

Weekly Downloads

1

Version

1.0.20

License

MIT

Unpacked Size

12.7 kB

Total Files

5

Last publish

Collaborators

  • acastellon