{"id":17736714,"url":"https://github.com/parro-it/micro-authentic","last_synced_at":"2025-03-31T19:17:19.754Z","repository":{"id":66074148,"uuid":"53278149","full_name":"parro-it/micro-authentic","owner":"parro-it","description":"Adaptation of authentic-server that work with micro.","archived":false,"fork":false,"pushed_at":"2016-03-07T17:01:45.000Z","size":59,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2024-04-15T00:06:09.120Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/parro-it.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-03-06T21:52:37.000Z","updated_at":"2024-04-15T00:06:09.120Z","dependencies_parsed_at":"2023-03-20T13:49:27.482Z","dependency_job_id":null,"html_url":"https://github.com/parro-it/micro-authentic","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/parro-it%2Fmicro-authentic","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/parro-it%2Fmicro-authentic/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/parro-it%2Fmicro-authentic/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/parro-it%2Fmicro-authentic/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/parro-it","download_url":"https://codeload.github.com/pa
rro-it/micro-authentic/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246523847,"owners_count":20791444,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-26T00:24:10.182Z","updated_at":"2025-03-31T19:17:19.711Z","avatar_url":"https://github.com/parro-it.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Micro Authentic #\n\nAdaptation of [authentic-server](https://github.com/davidguttman/authentic-server.git) that works with [micro](https://github.com/zeithq/micro).\n\n[authentic-server](https://github.com/davidguttman/authentic-server.git) is the server component of [authentic](https://github.com/davidguttman/authentic). 
It provides endpoints for signup, login, confirm, and password change.\n\n\n[![Travis Build Status](https://img.shields.io/travis/parro-it/micro-authentic.svg)](http://travis-ci.org/parro-it/micro-authentic)\n[![NPM module](https://img.shields.io/npm/v/micro-authentic.svg)](https://npmjs.org/package/micro-authentic)\n[![NPM downloads](https://img.shields.io/npm/dt/micro-authentic.svg)](https://npmjs.org/package/micro-authentic)\n\n\n## Example ##\n\n```js\nvar fs = require('fs')\nvar http = require('http')\nvar Authentic = require('authentic-server')\n\nvar auth = Authentic({\n  db: __dirname + '/users/',\n  publicKey: fs.readFileSync(__dirname + '/rsa-public.pem'),\n  privateKey: fs.readFileSync(__dirname + '/rsa-private.pem'),\n  sendEmail: function (emailOpts, cb) {\n    // send email however you'd like (nodemailer, powerdrill, etc...)\n    // emailOpts.type is either 'signup' or 'change-password-request'\n    // emailOpts.email is where to send the email\n    // see API docs for more properties like confirmToken and changeToken\n    setImmediate(cb)\n  }\n})\n\nvar server = http.createServer(auth)\n\nserver.listen(1337)\nconsole.log('Authentic enabled server listening on port', 1337)\n\n```\n\n## Installation ##\n\n```\nnpm install --save micro-authentic\n```\n\n## Module API ##\n\n### Authentic(opts) ###\n\nThis is the main entry point. 
Accepts an options object and returns a handler function.\n\n```js\nvar auth = Authentic({\n  db: __dirname + '/users/',\n  privateKey: fs.readFileSync(__dirname + '/rsa-private.pem'),\n  publicKey: fs.readFileSync(__dirname + '/rsa-public.pem'),\n  sendEmail: function (emailOpts, done) {\n    console.log(emailOpts)\n    setImmediate(done)\n  }\n})\n\n// auth is now a function that accepts req, res, and optional next arguments\nvar server = http.createServer(function(req, res, next){\n  auth(req, res, next)\n\n  function next (req, res) {\n    // authentic-server will call next if none of its routes match\n    // useful if you want to have other routes on the server\n    res.end('Not an authentic route')\n  }\n})\n\n// or simply\nvar server = http.createServer(auth)\n```\n\n#### options ####\n\n`Authentic()` takes an options object as its first argument; several of its properties are required:\n\n* `db`: any of the following:\n  * a string location of where to open (or create if it doesn't exist) a [levelDB](https://github.com/level/level) on disk\n  * an object that has `get` and `put` methods that follow this form (see [test/fake-db.js](https://github.com/davidguttman/authentic-server/blob/master/test/fake-db.js) for an example):\n    * `get: function (key, cb) { ... }`\n    * `put: function (key, value, cb) { ... }`\n  * a `levelDB` compatible db instance (e.g. [multileveldown](https://github.com/mafintosh/multileveldown) or [levelup](https://github.com/level/levelup) + [sqldown](https://github.com/calvinmetcalf/sqldown), [dynamodown](https://github.com/davidguttman/dynamodown), [redisdown](https://github.com/hmalphettes/redisdown), etc... )\n* `privateKey`: RSA private key in PEM format. Can be created with the command: `openssl genrsa 4096 \u003e rsa-private.pem`\n* `publicKey`: RSA public key in PEM format. 
Can be created with the command: `openssl rsa -in rsa-private.pem -pubout \u003e rsa-public.pem`\n* `sendEmail(emailOpts, done)`: provide a function that sends email however you'd like. Use the provided `emailOpts` to craft an email, send it, and call `done(err)` when finished.\n  * Here's an [example using Mandrill/powerdrill](https://github.com/davidguttman/authentic-server/blob/master/example/send-email-mandrill.js), but [nodemailer](https://github.com/andris9/Nodemailer) or anything else would work great too.\n  * Any additional data sent in the POST will be available -- if you'd like to customize the \"from\" address or provide a \"subject\" from the client to use here, you may.\n  * If `err` is null or undefined, `authentic-server` will treat it as a success.\n  * `emailOpts` will come in one of two flavors depending on if it's a signup or a change password request:\n\n```js\n{ type: 'signup',\n  email: 'david@scalehaus.io',\n  confirmToken: '9a1dccd9f...',\n  confirmUrl: 'https://scalehaus.io/confirm?confirmToken=9a1dccd9f...', // if provided with POST to /signup\n  from: 'Authentic Accounts \u003cauth@authentc.com\u003e' // if provided with the POST to /signup\n}\n```\n\nOR\n\n```js\n{ type: 'change-password-request',\n  email: 'david@scalehaus.io',\n  changeToken: '0b4fa5904752b...',\n  changeUrl: 'https://scalehaus.io/change-password?changeToken=0b4fa5904752b...', // if provided with the POST to /change-password-request\n  from: 'Authentic Accounts \u003cauth@authentc.com\u003e' // if provided with the POST to /change-password-request\n}\n```\n\nOptional:\n\n* `prefix`: defaults to `/auth`. This is the path prefix for all `authentic-server` API endpoints. For example if you set prefix to `/awesome`, the endpoints will be `/awesome/signup`, `/awesome/login`, `/awesome/confirm`, etc...\n* `expiresIn`: defaults to `\"30d\"`. This is how long it takes before the token expires. 
Expressed in seconds or a string describing a time span [rauchg/ms](https://github.com/rauchg/ms.js). Eg: `60`, `\"2 days\"`, `\"10h\"`, `\"7d\"`\n\n## Server API ##\n\n### POST `/auth/signup`\n\nAccepts a JSON object:\n\n```js\n{\n    \"email\": \"david@scalehaus.io\", // required\n    \"password\": \"notswordfish\", // required\n    \"confirmUrl\": \"https://yourwebapp.com/path/to/confirmation\", // optional, if included will have ?email=${email}\u0026confirmToken=${confirmToken} automatically added\n    \"from\": \"Authentic Accounts \u003cauth@authentc.com\u003e\", // additional data will be provided to sendEmail\n    \"provide\": \"anything you'd like\" // you can pass anything you'd like\n}\n```\n\nThis endpoint will create the user in an \"unconfirmed\" state (can't login), and it will email the user with the specified url with an additional `?confirmToken=d619f2d02...` parameter added. On success will respond:\n\n```\n{\n    \"success\": true,\n    \"message\": \"User created. Check email for confirmation link.\",\n    \"data\": {\n        \"email\": \"david@scalehaus.io\",\n        \"createdDate\": \"2015-11-05T22:39:22.994Z\"\n    }\n}\n```\n\n### POST `/auth/confirm`\n\nAccepts a JSON object:\n\n```\n{\n    \"email\": \"david@scalehaus.io\",\n    \"confirmToken\": \"d619f2d02aea5b091afba5ae01b8183203215c880b327cbc290562ecbd66\"\n}\n```\n\nIf the `confirmToken` is correct, will set the user as \"confirmed\" (can now login), and will also respond with an `authToken` for immediate use:\n\n```\n{\n    \"success\": true,\n    \"message\": \"User confirmed.\",\n    \"data\": { \"authToken\": \"eyJ0e...\" }\n}\n```\n\n### POST `/auth/login`\n\nAccepts a JSON object:\n\n```\n{\n    \"email\": \"david@scalehaus.io\",\n    \"password\": \"notswordfish\"\n}\n```\n\nThis endpoint will check the email/password and will respond with an `authToken` if correct:\n\n```\n{\n    \"success\": true,\n    \"message\": \"Login successful.\",\n    \"data\": {\n        
\"authToken\": \"eyJ0eXAiOiJ...\"\n    }\n}\n```\n\n### POST `/auth/change-password-request`\n\nAccepts a JSON object:\n\n```js\n{\n    \"email\": \"david@scalehaus.io\", // required\n    \"changeUrl\": \"https://yourwebapp.com/path/to/change-password\", // optional, if included will have ?email=${email}\u0026confirmToken=${confirmToken} automatically added\n    \"from\": \"Authentic Accounts \u003cauth@authentc.com\u003e\", // additional data will be provided to sendEmail\n    \"provide\": \"anything you'd like\" // you can pass anything you'd like\n}\n```\n\nThis endpoint will add a `changeToken` to the user, and it will email the user with the specified url with an additional `?changeToken=560ada2...` parameter added. On success will respond:\n\n```\n{\n    \"success\": true,\n    \"message\": \"Change password request received. Check email for confirmation link.\"\n}\n```\n\n### POST `/auth/change-password`\n\nAccepts a JSON object:\n\n```\n{\n    \"email\": \"david@scalehaus.io\",\n    \"password\": \"newawesomepassword\",\n    \"changeToken\": \"560ada2...\"\n}\n```\nThis endpoint will check if the `changeToken` is correct, and if it is it will change the user's password to the one provided and will respond with an `authToken`:\n\n```\n{\n    \"success\": true,\n    \"message\": \"Password changed.\",\n    \"data\": {\n        \"authToken\": \"eyJ0eXAiOiJ...\"\n    }\n}\n```\n\n### GET `/auth/public-key`\n\nResponds with the server's public key. 
This is what allows your other services to decrypt the `authToken` and know who the user is and that the data was encrypted by this server.\n\n```\n{\n    \"success\": true,\n    \"data\": {\n        \"publicKey\": \"-----BEGIN PUBLIC KEY-----\\nMIICIjANB...\"\n    }\n}\n```\n\n# License #\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fparro-it%2Fmicro-authentic","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fparro-it%2Fmicro-authentic","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fparro-it%2Fmicro-authentic/lists"}