This package has been deprecated

Author message:

Package not maintained anymore. Use @icapps/tree-house-authentication instead

tree-house-authentication
TypeScript icon, indicating that this package has built-in type declarations

3.1.4 • Public • Published

Treehouse authentication

Authentication module written in TypeScript providing authentication utilities and JWT methods.

npm version Dependencies Build Status Coverage Status

Installation

Install via npm

npm install tree-house-authentication

or via yarn

yarn add tree-house-authentication

Usage

const authenticator = require('tree-house-authentication')
import * as authenticator from 'tree-house-authentication'

JWT

Configuration

const jwtSettings = {
  algorithm: 'HS256',
  expiresIn: '7d',
  audience: 'TREEHOUSE-AUTH',
  issuer: 'treehouse-authentication',
  secretOrKey: '5kZxE|gZu1ODB183s772)/3:l_#5hU3Gn5O|2ux3&lhN@LQ6g+"i$zqB_C<6',
};

You can find all possible configuration options at Github: node-jsonwebtoken

createJwt(payload, jwtSettings)

Returns a json webtoken with the provided payload and configuration. (Asynchronous)

authenticateJwt(token, jwtSettings)

Returns a decoded jwt token when the provided token is still valid. (Asynchronous)

decodeJwt(token)

Returns a decoded json webtoken. This does not validate the token. (Synchronous)

Sessions

getSession(options)

Returns an express middleware function to use on session based routes using the express-session module. (Synchronous)

const app = express();
 
const session = getSession({
  secret: 'mySuperSecretSecret'
});
 
app.use(session);

Two-factor authentication

Two-factor authentication functions using the speakeasy module.

generate2FAKey(options)

Returns two-factor authentication key with base32 and otp-authentication url needed for QR code generation

const { otpauth_url, base32, ... } = generate2FAKey();

generateQrCode(options)

Returns QR code image data, user secret, and url (if you wish to have a custom qr code implementation)

const { imageData, secret, url } = generateQrCode(options);

verifyToken(secret, token)

Verify whether a token is valid depending on a provided user secret (returns true/false)

const isValidCode = verifyToken('userSecret', 021214);

LDAP

CreateLdapClient(clientOptions, dnString, password)

WARNING !! : unbind function does not work in node 10 See (https://github.com/joyent/node-ldapjs/issues/483)

searchUsers(ldapClient, dnString, filterOptions)

Example

const clientOptions = {
  url: 'ldap://ldap.forumsys.com',
  port: '389',
};
const dnString = 'cn=read-only-admin,dc=example,dc=com';
const password = 'password';
 
// create a client instance that is connected with the directory server
const client = createLdapClient(clientOptions, dnString, password);
 
const searchDn = 'dc=example,dc=com';
const filterOptions = {
        filter: '(objectClass=*)',
        scope: 'sub',
      };
 
//Search users in the directory server
const users = await searchUsers(client,searchDn, filterOptions)

SAML

createLoginRequest(serviceProvider, identityProvider, binding)

Returns a login url to the identity provider

parseSAMLResponse(serviceProvider, identityProvider, request)

Parses the SAML request to a JSON object

createLogout(serviceProvider, identityProvider, user, redirectUrl?)

Creates an SSO logout url for the given user (sp initiated)

createServiceProvider(xmlMetaData: string | Buffer, args: ServiceProviderSettings = {})

Creates a service provider object to interact with.

createIdentityProvider(xmlMetaData: string | Buffer, args: IdentityProviderSettings = {})

Creates an identityProvider object to interact with

Example

 const serviceProvider = createServiceProvider(...);
 const identityProvider = createIdentityProvider(...);
 
  // Login
  async (req, res) => {
    const loginUrl = createLoginRequest(serviceProvider, identityProvider, 'redirect')
    res.redirect(loginUrl);
  }
 
  // The identity provider will send SAML response upon successful authentication
  // We will validate the response 
  async (req, res) => {
    const user = parseSAMLResponse(serviceProvider, identityProvider, req);
    if (user) { /* business logic} */ } 
  }
 
  // Logout
  async (req, res) => {
    const logoutUrl = createLogout(serviceProvider, identityProvider, user, redirectUrl)
    res.redirect(logoutUrl)
  }
  
 

Utilities

generateRandomHash(algorithm (optional), secret (optional))

Returns a random hash (can be used for tokens) (Synchronous)

getHashedPassword(password, saltCount)

Returns a hashed password. (Asynchronous)

comparePassword(password, hashedPw)

Check whether a password is valid compared with a hashed password. (Asynchronous)

Tests

You can run npm run test to run all tests You can run npm run test:coverage to run all tests with coverage report

Authors

See the list of contributors who participated in this project.

License

This project is licensed under the ISC License - see the LICENSE.md file for details

Package Sidebar

Install

npm i tree-house-authentication

Weekly Downloads

33

Version

3.1.4

License

ISC

Unpacked Size

56.3 kB

Total Files

33

Last publish

Collaborators

  • benjijanssens
  • samvanhoey
  • jaspervercammen
  • codeinineo
  • ethanfoust
  • jensicapps
  • willemhorsten
  • dgyesbreghs
  • samover
  • knor-el-snor