{"id":21401449,"url":"https://github.com/spoonx/stix-security","last_synced_at":"2025-03-16T16:16:17.190Z","repository":{"id":34072890,"uuid":"168591929","full_name":"SpoonX/stix-security","owner":"SpoonX","description":"A security module for stix using stix-gates. Provides gates for authentication methods.","archived":false,"fork":false,"pushed_at":"2022-12-22T09:54:01.000Z","size":204,"stargazers_count":1,"open_issues_count":7,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-12T04:35:57.102Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SpoonX.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-01-31T20:31:15.000Z","updated_at":"2019-06-27T09:19:32.000Z","dependencies_parsed_at":"2023-01-15T04:25:21.786Z","dependency_job_id":null,"html_url":"https://github.com/SpoonX/stix-security","commit_stats":null,"previous_names":[],"tags_count":7,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SpoonX%2Fstix-security","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SpoonX%2Fstix-security/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SpoonX%2Fstix-security/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SpoonX%2Fstix-security/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SpoonX","download_url":"https://codeload.github.com/SpoonX/stix-security/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243893897,"owners_count":20364919,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-22T15:27:51.784Z","updated_at":"2025-03-16T16:16:17.163Z","avatar_url":"https://github.com/SpoonX.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Stix-security\n\n\u003e This module currently only offers a bearer authentication gate.\n\n[![Slack Status](https://spoonx-slack.herokuapp.com/badge.svg)](https://spoonx-slack.herokuapp.com)\n\nA [stix](https://github.com/SpoonX/stix) module that provides gates for default authentication/security methods.\n\n## Installation\n\n1. `yarn add stix-security`\n2. Add to your `config/modules.ts`.\n\t```ts\n   \timport { Security } from 'stix-security';\n\n\texport const modules = [\n\t  /* ... */\n     Security,\n   ];\n\t```\n3. ~~Storm~~ Use the gates.\n\n## Usage\n\nSimply import the desired gate and add it in your config. See the examples below. More info on gates can be found [in the docs](https://stixjs.io/docs/modules/stix-gates/gates-usage).\n\n## Available gates\n\nEach gate implements support for a specific authentication method.\n\n### BearerGate\n\nThe BearerGate is for basic header auth using a Bearer.\n\n```\nAuthorization: Bearer some.jwt.here\n```\n\nThis gate:\n\n- Verifies that the header exists\n- Verifies the header is properly formatted\n- Verifies that the token is valid\n\nIf these checks fail the request will be denied (unauthorized).\n\nThe payload and token will be set on and accessible from:\n\n- `ctx.state.authorization`.\n\n### Configuration\n\nThe only required configuration value for this gate is `secret` used to validate the JWT.\n\n```ts\nimport { SecurityConfig } from 'stix-security';\n\nexport const security: SecurityConfig = {\n  schemes: {\n    bearer: {\n      options: {\n        secret: 'A SECRET HERE',\n      },\n    },\n  },\n};\n```\n\n### Example\n\n```ts\nimport { GateManagerConfigType } from 'stix-gates';\nimport { BearerGate } from 'stix-security';\n\nexport const gate: GateManagerConfigType = {\n  rules: new Map\u003cany, any\u003e([\n    [ SomeController, { someAction: BearerGate } ],\n  ]),\n};\n```\n\n## Todo\n\nThe following gates still have to be built.\n\n- basic\n- apiKey\n- openIdConnect\n- oauth2\n\n## License\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fspoonx%2Fstix-security","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fspoonx%2Fstix-security","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fspoonx%2Fstix-security/lists"}