{"id":13753129,"url":"https://github.com/davidguttman/authentic","last_synced_at":"2025-05-09T02:46:27.141Z","repository":{"id":57187120,"uuid":"45343833","full_name":"davidguttman/authentic","owner":"davidguttman","description":"Authentication for microservices.","archived":false,"fork":false,"pushed_at":"2015-11-17T17:37:58.000Z","size":13,"stargazers_count":224,"open_issues_count":2,"forks_count":9,"subscribers_count":8,"default_branch":"master","last_synced_at":"2025-04-14T06:46:12.805Z","etag":null,"topics":["authentication","jwt","microservice"],"latest_commit_sha":null,"homepage":"http://dry.ly/authentic","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/davidguttman.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-11-01T14:35:57.000Z","updated_at":"2025-01-28T08:31:29.000Z","dependencies_parsed_at":"2022-08-28T10:51:23.742Z","dependency_job_id":null,"html_url":"https://github.com/davidguttman/authentic","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/davidguttman%2Fauthentic","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/davidguttman%2Fauthentic/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/davidguttman%2Fauthentic/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/davidguttman%2Fauthentic/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/davidguttman","download_url":"https://codeload.github.com/davidguttman/authentic/tar.gz/refs/heads/master","host":
{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253181389,"owners_count":21866989,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","jwt","microservice"],"created_at":"2024-08-03T09:01:16.704Z","updated_at":"2025-05-09T02:46:27.112Z","avatar_url":"https://github.com/davidguttman.png","language":"JavaScript","readme":"# Authentic\n\nAuthentication for microservices. This is a collection of the following modules:\n\n* [authentic-server](https://github.com/davidguttman/authentic-server)\n* [authentic-service](https://github.com/davidguttman/authentic-service)\n* [authentic-client](https://github.com/davidguttman/authentic-client)\n\n## What is it? ##\n\nAuthentic is a collection of modules to help your various services authenticate a user. Put more concretely, Authentic does the following:\n\n* Allow your users to \"sign up\", \"confirm\", \"log in\", and \"change password\" with their email address and a chosen password (persisted to a db of your choice), and provide an authentication token ([JWT](http://jwt.io)) on successful log in.\n* Easily protect access to your microservice by decrypting a user's authentication token.\n* Help make requests from the browser to `authentic-server` for sign up/confirm/login/password reset, as well as automatically including the authentication token in requests to your microservices.\n\nThere's also a fuller [introduction to Authentic](http://dry.ly/authentic).\n\n## Example ##\n\nLet's pretend you work at ScaleHaus (Uber meets Airbnb for lizards). 
You have a web app at `admin.scalehaus.io` (client-side SPA) that is an interface to various microservices (like `reporting.scalehaus.io`). You want to make sure that only employees with a `@scalehaus.io` email address have access to your app and microservices. Here's how you can do it:\n\n1) Create an authentication server with [authentic-server](https://github.com/davidguttman/authentic-server) available at `auth.scalehaus.io`.\n\n2) Add views to `admin.scalehaus.io` for signup/confirm/login/reset-password and use [authentic-client](https://github.com/davidguttman/authentic-client) for those actions and for requests to your microservices.\n\n3) In your microservice(s), e.g. `reports.scalehaus.io`, use [authentic-service](https://github.com/davidguttman/authentic-service) to decrypt the authentication token provided in the request and verify the user's identity and that their email ends in `@scalehaus.io`.\n\n## Installation ##\n\nIt's best to install each module individually in the project that needs it. In theory, you could have a single project that needs to be the server, client, and service -- in that case feel free to `npm install --save authentic`. 
Otherwise use `npm install --save authentic-server`, `npm install --save authentic-service`, or `npm install --save authentic-client` depending on your project.\n\n## In Action ##\n\n### Authentic Server ###\n\n```js\nvar fs = require('fs')\nvar http = require('http')\nvar Authentic = require('authentic').server\n\nvar auth = Authentic({\n  db: './userdb',\n  publicKey: fs.readFileSync('/rsa-public.pem'),\n  privateKey: fs.readFileSync('/rsa-private.pem'),\n  sendEmail: function (email, cb) {\n    // send the email however you'd like and call cb()\n  }\n})\n\nhttp.createServer(auth).listen(1337)\nconsole.log('Authentic Server listening on port', 1337)\n```\n\n### Microservice ###\n\nAuthentic provides a token decrypt function for easy use, but since everything is standard JWT, feel free to use your own (`authentic-server` exposes its public-key by default at `/auth/public-key`).\n\n```js\n\nvar http = require('http')\nvar Authentic = require('authentic').service\n\nvar auth = Authentic({\n  server: 'https://auth.scalehaus.io'\n})\n\nhttp.createServer(function (req, res) {\n  // Step 1: decrypt the token\n  auth(req, res, function (err, authData) {\n    if (err) {\n      // fail closed: log the error and reject the request instead of leaving it hanging\n      console.error(err)\n      res.writeHead(401)\n      return res.end('Authentication failed.')\n    }\n\n    // Step 2: if we get an email and it's one we like, let them in!\n    if (authData \u0026\u0026 authData.email.match(/@scalehaus\\.io$/)) {\n      res.writeHead(200)\n      res.end('You\\'re in!')\n\n    // otherwise, keep them out!\n    } else {\n      res.writeHead(403)\n      res.end('Nope.')\n    }\n  })\n}).listen(1338)\n\nconsole.log('Protected microservice listening on port', 1338)\n\n```\n\n### Client Login ###\n\nAuthentic provides an HTTP JSON client for easy use, but since everything is standard JWT, feel free to use your own.\n\n```js\nvar Authentic = require('authentic').client\n\nvar auth = Authentic({\n  server: 'https://auth.scalehaus.io'\n})\n\nvar creds = {\n  email: 'chet@scalehaus.io',\n  password: 'notswordfish'\n}\n\n// Step 1: log in\nauth.login(creds, 
function (err) {\n  if (err) return console.error(err)\n\n  // Step 2: make a JSON request with authentication\n  var url = 'https://reporting.scalehaus.io/report'\n  auth.get(url, function (err, data) {\n    if (err) return console.error(err)\n\n    // show that report\n    console.log(data)\n  })\n})\n\n```\n\n# License\n\nMIT\n","funding_links":[],"categories":["jwt"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdavidguttman%2Fauthentic","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdavidguttman%2Fauthentic","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdavidguttman%2Fauthentic/lists"}