If you want to build a restful server for Node.js, and still want to use express, but prefer to avoid all the overhead cost for express-session, you have come to the right place. express-restful-auth is an light-weight RESTful authentication system based on userID and access token. The idea is that
- whenever a user provies a userID, the system will check if the session matches the userID.
- It will only generation session on explicit request.
You can make explicit request to generate the session when you call
req.genSession().
You will also be able to load session information by calling
req.loadSession()
// after loading the session, you will be able to access all the session information from req.session
When the user want to log out, you can call
req.destorySession()
Checkout the later section for the detailed API calls When either of userID or access token is provided, the system will enforce both to be present and check if the userID matches with the token.
either put the package name, express-restufl-auth, into package.json, or type the following command: npm install express-restful-auth
var express = require('express');
var app = express();
var auth = require('express-restful-auth');
app.use(express.urlencoded());
app.use(express.json());
app.use(auth());
and now you are ready to go! To set the data associated with the token, you can do the following:
app.get('/login', function(req, res) {
if (req.param('password') === password && req.param('username') === username) {
req.genSession();
// or, if you are more comfortable, req = req.genSession();
// now I will associate this userID with the session. String format is
// preferred because express sometimes typecast unexpectedly. Note: you
// have to explicitly assign the userID to the session object
req.session.userID = userID.toString();
res.send({token: req.sessionID, userID: req.session.userID});
} else {
res.send(401, "password mismatch!");
}
});
for more advanced usage such as changing name of userID, access token, explicity error handler, or changing the redis server configuration, check out the test cases.
## req.genSession()
Function used to generate session and set the field of req.session
to the session generated, as well as req.sessionID to be the ID
of the session.
express-restful-auth's People
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.