npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

moneypenny-client

v0.0.6

Published

Moneypenny authentication client, allows node js applications to authenticate using moneypenny

Downloads

22

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

atridgeatridgethepontthepont

Keywords

Readme

moneypenny-client

Moneypenny - Authentication Client

Circle CI Coverage Status

##Introduction

Moneypenny acts as an authentication service that supports single sign-on and sign-off using oAuth and JSON web tokens(JWT).

Backend services unencrypt the JWT to know who the authenticated user is.

###Related Projects

###Sample

Sample Implementation Code

##Authenticating a Request

To authenticate a request against another service running moneypenny client the server can forward the token to that service, moneypenny-client uses passport-localapikey to allow requests to other services to be authenticated.

The token is passed by adding the query parameter apikey or a header apikeyto the request, service running moneypenny-client will then attempt to decript that user using either the public key or shared secret, if it has success that user will be authenticated for that request.

This project connects to the moneypenny server

###Methods

checkAuthenticated(req, res, next) middlewhere to check the authentication of the client, redirects the user to the moneypenny server for login, if they are not authenticated.

initialize(app) initalizes express to use routes required by moneypenny for the oauth flow.

##Authenticated User.

After a user is authenticated with the moneypenny server and the oAuth flow is complete, the user will be attached to the expressjs request as req.user and the users token attached to the user in req.user.token.

For the sake of security a developer using this service should endevor to not pass the token outside their controlled ecosystem, for example, remove the token from the object if you wish to send the user to the browser.

##API documentation.

moneypenny-client

Client for authentication against a moneypenny server.

See: https://github.com/blueflag/moneypenny
Example

var express = require('express');
var app = express();
// Create and configure Moneypenny authetication client.
var authClient = new AuthClient({
		jwtSecret: JWT_SECRET,
		providerHost: AUTH_HOST,
		providerPort: AUTH_PORT,
		serverHost: SERVER_HOST,
		serverPort: SERVER_PORT,
		oAuthClientSecret : CLIENT_SECRET,
		oAuthClientID: CLIENT_ID
});
//Initialize Authentication Routes.
authClient.initialize(app);
//Check authentication before other routes
app.use(authClient.checkAuthenticated);

moneypenny-client.checkAuthenticated(req, res, next)

Checks that a user is autenticated for a request, returns user to the login page if they are not.

Kind: static method of moneypenny-client

| Param | Type | Description | | --- | --- | --- | | req | Request | express request object. | | res | Response | express response object | | next | callback | express next callback, next function to call after success. |

moneypenny-client.initialize(app)

Initalizes the passport and sets up oAuth routes.

Kind: static method of moneypenny-client

| Param | Type | Description | | --- | --- | --- | | app | App | express js application ojbect. |

moneypenny-client~Options : Options

Options required for creating a moneypenny client.

Kind: inner typedef of moneypenny-client
Properties

| Name | Type | Description | | --- | --- | --- | | jwtSecret | String | Secret to use to decode JWT. | | providerHost | String | required web accessable host name for the location of the authentication server. | | providerPort | Number | default:443 web accessable port for the location of the authentication server. | | providerName | String | default:moneypenny-server name given to the oAuth passport stratergy | | serverHost | String | required web accessable hostname of the service running the moneypennny-client | | serverPort | Number | default:443 web accessable port of the service running the moneypennny-client | | oAuthClientSecret | String | required shared secret setup in the authentication service for the service | | oAuthClientID | String | required client id that corresponds to this service on the authentication service | | authorizationURI | String | default:/oauth2/authorization url on the authentication server where the authentication endpoint can be found. | | tokenURI | String | default:/oauth2/token uri that this server will use to get the token. | | callbackURI | String | default:/auth/provider/callback uri that will be added to this server using the initialize() method that will be used for the oAuth2 callback | | loginUri | String | default:/login uri that is used to login to the service, this will be added to this server using the initalize() method. |