Simplest use
const path = ; const fs = ; const bodyParser = ; const express = ; const app = ; app; app; app; const security = ; const middlewares = ; /** * Always place .signout endpoint before .secure if you want to avoid weird redirections */appall'/signout' middlewaressignout; app; appall'/refresh' middlewaresrefresh; appall'/diff' middlewaresdiff; const content = fs; app; const port = processenvNODE_BIND_PORT; const host = processenvNODE_BIND_HOST; const server = app;
About architecture
The core script is securityabstract.js, (I'm encoriging to see how things are implemented - it's quite simple, EDIT: was simple before I've added "remember me" functionality ;) ) this script is responsible for creating authentication cookie after correct login, it doesn't impose any encryption method for cookie content.
Another script is securityjwt.js which is extension of default configuration of securityabstract.js and it is focused on encrypting cookie using JWT.
If would like to create different method of encrypting session token just extend securityabstract.js and use securityjwt.js as an example how to do it.