Lockit utilities

Small utilities module for lockit.

Installation

npm install lockit-utils

var utls = require('lockit-utils');

Configuration

// redirect target when requesting restricted page
exports.login = {
  route: '/login'
};
 
// database connection string
// CouchDB
exports.db = 'http://127.0.0.1:5984/';
 
// MongoDB
// exports.db = {
//   url: 'mongodb://127.0.0.1/',
//   name: 'test',
//   collection: 'users'
// };
 
// PostgreSQL
// exports.db = {
//   url: 'postgres://127.0.0.1:5432/',
//   name: 'users',
//   collection: 'my_user_table'
// };
 
// MySQL
// exports.db = {
//   url: 'mysql://127.0.0.1:3306/',
//   name: 'users',
//   collection: 'my_user_table'
// };
 
// SQLite
// exports.db = {
//   url: 'sqlite://',
//   name: ':memory:',
//   collection: 'my_user_table'
// };

Features

• protect routes from unauthorized access and redirect
• get database and lockit adapter from connection string
• generate link to QR code image for two-factor auth
• verify provided two-factor token
• destroy a session (works with cookie sessions and session stores)

Methods

restrict([config])

Prevent users who aren't logged-in from accessing routes. Use login.route for redirection. Function also remembers the requested url and user is redirected after successful login. If rest is enabled you'll get a 401 response.

• config Object optional - Configuration object

  • login String - Route that handles the login process - default '/login'

Example

config.js

exports.login = {
  route: '/login'
};

app.js

var config = require('./config.js');
app.get('/private', utils.restrict(config), function(req, res) {
  res.send('only a logged in user can see this');
})

getDatabase(config)

Get type of database and database adapter name from connection information.

• config Object - Configuration object

  • db String, Object - Database connection string / object

Returns

• Object - Object containing database type and adapter

Example

config.js (CouchDB)

exports.db = 'http://127.0.0.1:5984/';

config.js (all other DBs)

exports.db = {
  url: 'postgres://127.0.0.1:5432/',
  name: 'users',
  collection: 'my_user_table'
}

app.js

var config = require('./config.js');
var db = util.getDatabase(config);
// {
//   type: 'couchdb',
//   adapter: 'lockit-couchdb-adapter'
// }

qr(config)

Generate link to QR code, uses Google Charts.

• config Object - Configuration object

  • key String - Individual random key for user

  • email String - User email for Google Authenticator app

  • issuer String - Issuer for Google Authenticator - default 'Lockit'

Returns

• String - URL for QR code

Example

var config = {
  key: 'abcd1234',
  email: 'mirco.zeiss@gmail.com'
};
var link = util.qr(config);
// https://chart.googleapis.com/chart?chs=200x200&cht=qr&chl=otpauth%3A%2F%2Ftotp%2FLockit%3Amirco.zeiss%40gmail.com%3Fsecret%3DMFRGGZBRGI2DI%3D%3D%3D%26issuer%3DLockit

verify(token, key, [options])

Verify a two-factor authentication token, uses time-based one-time password algorithm (totp). To be used with Google Authenticator.

• token String - The two-factor token to verify

• key String - The individual key for the user

• options Object optional - Options object for notp#totp.verify

  • window String - Allowable margin for counter - default 6

  • time Number - Time step of counter in seconds - default 30

Returns

• Boolean - true if token is valid

Example

var key = 'abcd1234';
var token = '236709';
var valid = util.verify(token, key);
if (valid) {
  // continue here
}

destroy(req, done)

Destroy the current session. Works with cookie sessions and session stores.

• req Object - The default Express request object

• done function - Function executed when session is destroyed

Example

util.destroy(req, function() {
  // user is now logged out
});

pipe(source, target)

Pipe events from source to target. source can be a single event emitter or an Array of event emitters.

• source Object, Array - Single event emitter or Array of event emitters

• target Object - Single event emitter

Example

var util = require('util');
var events = require('events');
var utils = require('lockit-utils');
 
var Child = function() {};
util.inherits(Child, events.EventEmitter);
 
var Mother = function() {};
util.inherits(Mother, events.EventEmitter);
 
var child = new Child();
var mother = new Mother();
 
utils.pipe(child, mother);
 
mother.on('action', function(action) {
  console.log('look the child is ' + action);
});
 
child.emit('action', 'smiling');

Test

make test

License

MIT