passport-auth-jwt
A Passport strategy for authenticating with a JSON Web Token.
This module lets you authenticate endpoints using a JSON web token. It is intended to be used to secure RESTful endpoints without sessions.
Install
npm install passport-auth-jwt
Usage
Sorry, this is a personal library for locking down my own system, and I still have to open up the handler requirements.
The flow
User <-> Device <-> Provider
Note:
User: This is your user
Device: This is your application/website
Provider: This is your system, RESTful endpoint
Configure
/*** Config*/var passport = ;var passportAuthJWT = ;configpassporthook = ;var PassportMoney = configpassport;passport;
// config.passport
// Example settings object for the strategy. Every value below is a sample
// taken from this README and is meant to be replaced per deployment.
{
clientId: 'client_id',
// Where a token may be read from on an incoming request (presumably the
// Authorization scheme name, a body field and a query parameter; confirm
// against the extractor code).
extractJwtOpts: {
authScheme: 'AuthJWT',
tokenBodyField: 'access_token',
// NOTE(review): a token carried in the query string ends up in access logs,
// browser history and Referer headers; prefer the header or the body in
// production.
tokenQueryParameterName: 'access_token'
},
// Paths of the three token endpoints.
requestTokenEndpoint: '/auth/request-token',
refreshTokenEndpoint: '/auth/refresh-token',
tokenEndpoint: '/auth/token',
// Presumably paths that are exempt from the request-token check; verify
// against the hook.
ignoreRequestTokenUrl: ['/'],
// NOTE(review): presumably the key used to sign and verify tokens; confirm.
// The value shown is published sample data: never reuse it, and do not commit
// a real secret. Load it from the environment or a secret store instead.
secret: '5f2c6556-2483-4254-a0e6-d8aec4069caa',
// Lifetimes, in seconds according to the arithmetic in the comments.
accessTokenExpire: 7 * 86400, // 7 days (7 * 24 * 3600 seconds)
// NOTE(review): a 10-year refresh token is effectively a permanent
// credential. Make sure refresh tokens can be revoked server-side, and use a
// shorter lifetime where possible.
refreshTokenExpire: 10 * 365 * 86400, // 10 years
requestTokenExpire: 3600 // 1 hour
}
// ./helper/auth-jwt-hook 'use strict'; const mongoose = ;const uuid = ;const jwt = ;const async = ;const moment = ;const _ = ; const PassportError = { if err console; return ;}; const ClientSchema = mongoose;const UserSchema = mongoose;const RefreshTokenSchema = mongoose; const Error = ; // restify get path;var { return reqroute ? reqroutepath : reqpath;}; var urlRequireForRequestToken = '/auth/token' '/facebook-register' '/google-register' '/register' '/forgot-password'; var AuthJWTHook = { return { console; // Logic if reqauthenticateclient === jwt_payloadclient_id else ; } } // Set userId to req { return { if user requserId = useruserId; ; else ; }; } { return { res; } } /* more in req req.authenticate = { client: '14235l4tjgksdsjdlkfs', secret: '3o432492rjfksdfjslkdfjsdkl' }; */ { var clientInfo = reqauthenticate; ClientSchema; } { // Logic for generate token return { if tokenInfo && tokenInfotype === 'request-token' var client_id = tokenInfoclient_id; var clientId = tokenInfoclientId; var postData = reqbody; AuthJWTHook; else res; }; } { return { if tokenInfo && tokenInfotype === 'refresh-token' AuthJWTHook; else res; }; } { async; } { var key = uuid; var token = AuthJWTHook; // logic more... } { // Logic for clean refresh token } { var attachInfo = clientId: clientId client_id: client_id userId: userId code: deviceKey ; var token = AuthJWTHook; ; } { if urlRequireForRequestToken > -1 ; else ; } { // Valid refresh token console; if configrefreshTokenEndpoint === && jwt_payloaddeviceKey // Logic for verufy refresh token else console; ; } { extraData = extraData || {}; var token_payload = type: type code: uuid ; token_payload = Object; return jwt; } { return ; } { // Login function.... AuthJWTHook }; moduleexports = AuthJWTHook;
Authenticate requests
Use PassportMoney.authenticate(), specifying 'JWT' as the strategy.
app;
If you have any questions, please create an issue on GitHub. I will try to help.