access-token-api
A simple api access token support count and ttl,which base on nodejs. It can protect your api,prevent CSRF attacks, api called count with ttl.
examples
install
npm install access-token-api
usage
Single Process
`nodejs` var accessTokenApi = ;var TokenApi = webTokenVarName:'encrypt_api_tokenStr'//default to encrypt_api_tokenStr { //if you want to custom you webtoken inject in hmlt , you can do in this function. example: var htmlEndIndex = html; var tokenScript = '<script>window.' + thisconfigwebTokenVarName + '=' + token + '</script>'; var prevHtml = html; var nextHtml = html; prevHtml += tokenScript; prevHtml += nextHtml; ; }; `web javascript` //get the token windowwebTokenVarName
Multi Process
`nodejs` var redis = client = redis;var accessTokenApi = ; var TokenApi = //store token in database(provide get , set, remove function) storeConfig: { client; } { client; } { client; } webTokenVarName:'encrypt_api_tokenStr'//default to encrypt_api_tokenStr { //if you want to custom you webtoken inject in hmlt , you can do in this function. }; TokenApi;TokenApi;
storeConfig more params's config please to see
store-ttl
web page can get token by window[webTokenVarName] , default to window.encrypt_api_tokenStr
API
issue
issue random token.
/** * [issuse token] * @param {[number]} [token ttl, default unit is second] * @param {[number]} [token avalid count] * @return {[string]} [return token] */TokenApi //issue given tokenTokenApi
limit
limit function call times with ttl.
/** * [limit function call some time] * @param {[number]} [functionkey ttl, default unit is second] * @param {[number]} [function avalid count] * @return {[string]} [return err] */ // apiname can call 5 times in 10 sencondsTokenApi
pass
verify and decline token times, when the token is valid.
TokenApi
passPromise
verify and decline token times, when the token is valid.
TokenApi
verify
verify the token
TokenApi
remove
remove the token
TokenApi
decline
decline the token times
TokenApi
webInject
custom web frontend way to inject token into page
TokenApi
test
//test1 redis-server2 npm test//coveragenpm run cov
publish log
-
0.2.1 add api passPromise , other api support promise.
-
0.2.0 add api limit , which one key can call some times with ttl.
-
0.1.0 issuse api support issue given token.