{"id":22050133,"url":"https://github.com/icapps/tree-house-authentication","last_synced_at":"2025-07-01T05:33:57.211Z","repository":{"id":48285395,"uuid":"95124153","full_name":"icapps/tree-house-authentication","owner":"icapps","description":"Tree House Authentication module","archived":false,"fork":false,"pushed_at":"2023-01-16T08:31:53.000Z","size":2783,"stargazers_count":5,"open_issues_count":0,"forks_count":1,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-04-10T08:09:20.004Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"isc","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/icapps.png","metadata":{"files":{"readme":"README.md","changelog":"HISTORY.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.md","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-06-22T14:28:25.000Z","updated_at":"2023-01-16T08:24:22.000Z","dependencies_parsed_at":"2023-02-10T02:01:49.743Z","dependency_job_id":null,"html_url":"https://github.com/icapps/tree-house-authentication","commit_stats":null,"previous_names":[],"tags_count":18,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/icapps%2Ftree-house-authentication","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/icapps%2Ftree-house-authentication/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/icapps%2Ftree-house-authentication/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/icapps%2Ftree-house-authentication/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/icapps","download_url":"https://codeload.github.com/icapps/tree-house-authentication/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253160776,"owners_count":21863630,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-30T14:17:59.075Z","updated_at":"2025-05-08T23:10:52.725Z","avatar_url":"https://github.com/icapps.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Treehouse authentication\n\nAuthentication module written in TypeScript providing authentication utilities and JWT methods.\n\n[![npm version](https://badge.fury.io/js/tree-house-authentication.svg)](https://badge.fury.io/js/tree-house-authentication)\n![CI](https://github.com/icapps/tree-house-authentication/workflows/Continuous%20Integration/badge.svg?branch=master)\n\n## Installation\n\nInstall via npm\n\n```shell\nnpm install @icapps/tree-house-authentication\n```\n\nor via yarn\n\n```shell\nyarn add @icapps/tree-house-authentication\n```\n\n## Usage\n\n```javascript\nconst authenticator = require('@icapps/tree-house-authentication')\n```\n\n```javascript\nimport * as authenticator from '@icapps/tree-house-authentication'\n```\n\n## JWT\n\n### Configuration\n\n```javascript\nconst jwtSettings = {\n  algorithm: 'HS256',\n  expiresIn: '7d',\n  audience: 'TREEHOUSE-AUTH',\n  issuer: 'treehouse-authentication',\n  secretOrKey: '5kZxE|gZu1ODB183s772)/3:l_#5hU3Gn5O|2ux3\u0026lhN@LQ6g+\"i$zqB_C\u003c6',\n};\n```\n\n\u003e You can find all possible configuration options at [Github: node-jsonwebtoken](https://github.com/auth0/node-jsonwebtoken)\n\n### createJwt(payload, jwtSettings)\n\nReturns a json webtoken with the provided payload and configuration. (**Asynchronous**)\n\n### authenticateJwt(token, jwtSettings)\n\nReturns a decoded jwt token when the provided token is still valid. (**Asynchronous**)\n\n### decodeJwt(token)\n\nReturns a decoded json webtoken. This does not validate the token. (**Synchronous**)\n\n## Sessions\n\n### getSession(options)\n\nReturns an express middleware function to use on session based routes using the `express-session` module. (**Synchronous**)\n\n```javascript\nconst app = express();\n\nconst session = getSession({\n  secret: 'mySuperSecretSecret'\n});\n\napp.use(session);\n```\n\n- [All available express-session options](https://github.com/expressjs/session)\n\n## Two-factor authentication\n\nTwo-factor authentication functions using the `speakeasy` module.\n\n### generate2FAKey(options)\n\nReturns two-factor authentication key with base32 and otp-authentication url needed for QR code generation\n\n```javascript\nconst { otpauth_url, base32, ... } = generate2FAKey();\n```\n\n- [All available speakeasy options](https://github.com/speakeasyjs/speakeasy)\n\n### generateQrCode(options)\n\nReturns QR code image data, user secret, and url (if you wish to have a custom qr code implementation)\n\n```javascript\nconst { imageData, secret, url } = generateQrCode(options);\n```\n\n- [All available speakeasy options](https://github.com/speakeasyjs/speakeasy)\n\n### verifyToken(secret, token)\n\nVerify whether a token is valid depending on a provided user secret (returns true/false)\n\n```javascript\nconst isValidCode = verifyToken('userSecret', 021214);\n```\n\n## LDAP\n\n\n\n### CreateLdapClient(clientOptions, dnString, password)\n\n- [All available ldapClient options](http://ldapjs.org/client.html)\n\nWARNING !! : unbind function does not work in node 10\nSee (https://github.com/joyent/node-ldapjs/issues/483)\n\n### searchUsers(ldapClient, dnString, filterOptions)\n\n- [All available filter options](http://ldapjs.org/client.html)\n\n#### Example\n\n```javascript\nconst clientOptions = {\n  url: 'ldap://ldap.forumsys.com',\n  port: '389',\n};\nconst dnString = 'cn=read-only-admin,dc=example,dc=com';\nconst password = 'password';\n\n// create a client instance that is connected with the directory server\nconst client = createLdapClient(clientOptions, dnString, password);\n\nconst searchDn = 'dc=example,dc=com';\nconst filterOptions = {\n        filter: '(objectClass=*)',\n        scope: 'sub',\n      };\n\n//Search users in the directory server\nconst users = await searchUsers(client,searchDn, filterOptions)\n```\n\n## SAML\n\n### createLoginRequest(serviceProvider, identityProvider, binding)\n\nReturns a login url to the identity provider\n\n### parseSAMLResponse(serviceProvider, identityProvider, request)\n\nParses the SAML request to a JSON object\n\n### createLogout(serviceProvider, identityProvider, user, redirectUrl?)\n\nCreates an SSO logout url for the given user (sp initiated)\n\n### createServiceProvider(xmlMetaData: string | Buffer, args: ServiceProviderSettings = {})\n\nCreates a service provider object to interact with.\n\n- [All service provider options](https://samlify.js.org/#/sp)\n\n### createIdentityProvider(xmlMetaData: string | Buffer, args: IdentityProviderSettings = {})\n\nCreates an identityProvider object to interact with\n\n- [All identity provider options](https://samlify.js.org/#/sp)\n\n#### Example\n\n```javascript\n const serviceProvider = createServiceProvider(...);\n const identityProvider = createIdentityProvider(...);\n\n  // Login\n  async (req, res) =\u003e {\n    const loginUrl = createLoginRequest(serviceProvider, identityProvider, 'redirect')\n    res.redirect(loginUrl);\n  }\n\n  // The identity provider will send SAML response upon successful authentication\n  // We will validate the response\n  async (req, res) =\u003e {\n    const user = parseSAMLResponse(serviceProvider, identityProvider, req);\n    if (user) { /* business logic} */ }\n  }\n\n  // Logout\n  async (req, res) =\u003e {\n    const logoutUrl = createLogout(serviceProvider, identityProvider, user, redirectUrl)\n    res.redirect(logoutUrl)\n  }\n\n\n```\n\n- [All available samlify options](https://github.com/tngan/samlify)\n\n## Utilities\n\n### generateRandomHash(algorithm (optional), secret (optional))\n\nReturns a random hash (can be used for tokens) (**Synchronous**)\n\n### getHashedPassword(password, saltCount)\n\nReturns a hashed password. (**Asynchronous**)\n\n### comparePassword(password, hashedPw)\n\nCheck whether a password is valid compared with a hashed password. (**Asynchronous**)\n\n### hashPassword(password, options = { algorithm, key, iv})\n\nHash a password. (**Asynchronous**)\n\n### dehashPassword(password, options = { algorithm, key, iv})\n\nDehash a password. (**Asynchronous**)\n\n## Tests\n\n  You can run `npm run test` to run all tests\n  You can run `npm run test:coverage` to run all tests with coverage report\n\n## Authors\n\nSee the list of [contributors](https://github.com/icapps/tree-house-authentication/contributors) who participated in this project.\n\n## License\n\nThis project is licensed under the ISC License - see the [LICENSE.md](LICENSE.md) file for details\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ficapps%2Ftree-house-authentication","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ficapps%2Ftree-house-authentication","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ficapps%2Ftree-house-authentication/lists"}