{"id":23246472,"url":"https://github.com/openware/node-auth-barong","last_synced_at":"2025-07-20T08:05:59.991Z","repository":{"id":35061749,"uuid":"201923495","full_name":"openware/node-auth-barong","owner":"openware","description":null,"archived":false,"fork":false,"pushed_at":"2022-12-30T18:24:59.000Z","size":579,"stargazers_count":4,"open_issues_count":14,"forks_count":8,"subscribers_count":6,"default_branch":"master","last_synced_at":"2025-07-18T14:53:52.752Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/openware.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-08-12T12:11:52.000Z","updated_at":"2025-02-17T03:25:37.000Z","dependencies_parsed_at":"2023-01-15T13:01:03.891Z","dependency_job_id":null,"html_url":"https://github.com/openware/node-auth-barong","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/openware/node-auth-barong","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openware%2Fnode-auth-barong","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openware%2Fnode-auth-barong/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openware%2Fnode-auth-barong/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openware%2Fnode-auth-barong/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/openware","download_url":"https://codeload.github.com/openware/node-auth-barong/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosy
ste.ms/api/v1/hosts/GitHub/repositories/openware%2Fnode-auth-barong/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266087790,"owners_count":23874519,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-19T07:15:13.095Z","updated_at":"2025-07-20T08:05:59.948Z","avatar_url":"https://github.com/openware.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# node-auth-barong\n\nThis Express middleware package can:\n\n* Validate JSON Web Tokens returned from Barong and set `req.session`.\n* Sign a JWT with a private key and encode a request for either the Peatio or Barong management APIs.\n\nThis module lets you validate JWTs from HTTP requests using the `jsonwebtoken` library in your Node.js\napplications and sign JWTs with the application's private key. 
JWTs are typically used to protect API endpoints.\n\n## Install\n\n    $ npm install node-auth-barong\n\n## Usage\n\nThere are two middlewares you can use from this package.\n\n### sessionVerifier\n\nThis JWT authentication middleware authenticates a Barong session using a JWT.\nIf the token is valid, `req.session` will be set to the decoded JSON object,\nto be used by later middleware for authorization and access control.\n\nExample of `req.session` object:\n\n```\n{ iat: 1565687278,\n  exp: 1565693278,\n  sub: 'session',\n  iss: 'barong',\n  aud: [ 'peatio', 'barong' ],\n  jti: '1111111111',\n  uid: 'ID123123123',\n  email: 'admin@barong.io',\n  role: 'admin',\n  level: 3,\n  state: 'active',\n  referral_id: null }\n```\n\nFor example,\n\n```javascript\nvar barongJwt = require('node-auth-barong');\nconst barongJwtPublicKey = Buffer.from(process.env.BARONG_JWT_PUBLIC_KEY.trim(), 'base64').toString('utf-8')\n\napp.get('/protected',\n  barongJwt.sessionVerifier({barongJwtPublicKey: barongJwtPublicKey}),\n  function(req, res) {\n    // sessionVerifier sets req.session; check the role claim decoded from the token\n    if (req.session.role !== 'admin') return res.sendStatus(401);\n    res.sendStatus(200);\n  });\n```\n\nYou can specify audience and/or issuer as well:\n\n```javascript\nbarongJwt.sessionVerifier({ barongJwtPublicKey: 'decoded public key',\n  audience: 'barong',\n  issuer: 'http://issuer' })\n```\n\nAvailable options for verification:\n\n  * **algorithms**: List of strings with the names of the allowed algorithms. For instance, [\"HS256\", \"HS384\"].\n  * **audience**: if you want to check audience (aud), provide a value here. The audience can be checked against a string, a regular expression or a list of strings and/or regular expressions. 
Eg: \"urn:foo\", /urn:f[o]{2}/, [/urn:f[o]{2}/, \"urn:bar\"]\n  * **issuer** (optional): string or array of strings of valid values for the iss field.\n  * **ignoreExpiration**: if true do not validate the expiration of the token.\n  * **subject**: if you want to check subject (sub), provide a value here\n  * **clockTolerance**: number of seconds to tolerate when checking the nbf and exp claims, to deal with small clock differences among different servers\n  * **maxAge**: the maximum allowed age for tokens to still be valid. It is expressed in seconds or a string describing a time span in zeit/ms format. Eg: 1000, \"2 days\", \"10h\", \"7d\". A numeric value is interpreted as a seconds count. If you use a string, be sure to provide the time units (days, hours, etc.); otherwise milliseconds are used by default (\"120\" is equal to \"120ms\").\n  * **clockTimestamp**: the time in seconds that should be used as the current time for all necessary comparisons.\n\n\u003e If the JWT has an expiration (`exp`), it will be checked.\n\nIf you are using a base64 URL-encoded secret, pass a `Buffer` with `base64` encoding as the secret instead of a string:\n\n```javascript\n// Buffer.from replaces the deprecated new Buffer() constructor\nbarongJwt.sessionVerifier({ barongJwtPublicKey: Buffer.from('base64encoded', 'base64') })\n```\n\nInstead of decoding, you can also read the public key from a file:\n\n```javascript\nvar fs = require('fs');\n\nvar publicKey = fs.readFileSync('/path/to/public.pub');\nbarongJwt.sessionVerifier({ barongJwtPublicKey: publicKey });\n```\n\n### managementSigner\n\nThis middleware uses the JWT library to sign a request that is sent to either the **Barong** or **Peatio** management API.\n\nThe middleware takes the `req.management.payload` object and signs it with the private key, formatting the payload the way the management API expects. After the payload is signed and formatted, it is assigned to the `req.body` object as request parameters. These request parameters can then be used by the next middleware to send a request to either **Barong** or **Peatio**. 
\nUsage example:\n\n```javascript\nvar barongAuth = require('node-auth-barong');\nvar request = require('request');\n\napp.post('/api/v2/deposit', function(req, res, next) {\n    // Verify that the user is an admin and allowed to make a deposit\n    if (req.session.role !== \"admin\") {\n      return res.status(401).send(`Deposit submission is allowed only for admins`);\n    }\n\n    // Create the req.management.payload object to send to /api/v2/management/deposits/new\n    req.management = { payload: {\n        uid: req.session.uid,\n        currency: req.body.currency_id,\n        amount: req.body.amount\n        }\n    }\n\n    next();\n    // The managementSigner middleware signs req.management.payload and assigns it to req.body with the correct formatting\n}, barongAuth.managementSigner({privateKey: appPrivateKey}), function(req, res) {\n    // Use the request library to send a request to the Peatio management API to create a new deposit for the current user\n    request({\n      method: \"POST\",\n      uri:  `${global.gConfig.peatio_url}/api/v2/management/deposits/new`,\n      json: true,\n      body: req.body\n    }, (err, result, body) =\u003e {\n      // Handle the error before responding, so a failed call does not send an empty body\n      if (err) {\n          console.error(err);\n          return res.sendStatus(500);\n      }\n      res.json(body);\n    });\n})\n```\n\n**WARNING! privateKey option is mandatory, otherwise your request won't be signed**\n\nAvailable options for signing:\n\n* **jwtAlgorithm**: string with the name of the algorithm. For instance, \"RS256\".\n* **jwtKid**: key identifier parameter. For instance, \"applogic\"\n* **jwtExpireDate**: the maximum allowed age for tokens to still be valid. It is expressed in seconds or a string describing a time span in zeit/ms format. Eg: 1000, \"2 days\", \"10h\", \"7d\". A numeric value is interpreted as a seconds count. 
If you use a string, be sure to provide the time units (days, hours, etc.); otherwise milliseconds are used by default (\"120\" is equal to \"120ms\").\n\n## Examples\n\nAn **example app** that uses node-auth-barong can be found [**here**](\u003chttps://github.com/openware/nodelogic\u003e)\n\n## Related Modules\n\n- [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) — JSON Web Token sign and verification\n\n## Tests\n\n    $ npm install\n    $ npm test\n\n## Contributors\nCheck them out [here](https://github.com/auth0/express-jwt/graphs/contributors)\n\n## Issue Reporting\n\nIf you have found a bug or have a feature request, please report it in this repository's issues section. Please do not report security vulnerabilities on the public GitHub issue tracker.\n\n## Author\n\n[Openware](https://www.openware.com)\n\n## License\n\nThis project is licensed under the MIT license. See the [LICENSE](LICENSE) file for more info.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenware%2Fnode-auth-barong","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopenware%2Fnode-auth-barong","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenware%2Fnode-auth-barong/lists"}