{"id":30039335,"url":"https://github.com/sutandojs/keeper","last_synced_at":"2025-08-07T01:42:03.560Z","repository":{"id":306966899,"uuid":"1009792808","full_name":"sutandojs/keeper","owner":"sutandojs","description":"Lightweight API token authentication plugin for Sutando ORM","archived":false,"fork":false,"pushed_at":"2025-06-27T18:48:36.000Z","size":5,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-07-28T18:55:32.055Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sutandojs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-06-27T18:09:15.000Z","updated_at":"2025-06-30T17:20:51.000Z","dependencies_parsed_at":"2025-07-28T18:55:34.828Z","dependency_job_id":"8c92e5ee-1fda-4f8f-abce-5285ebd07b4e","html_url":"https://github.com/sutandojs/keeper","commit_stats":null,"previous_names":["sutandojs/keeper"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/sutandojs/keeper","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sutandojs%2Fkeeper","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sutandojs%2Fkeeper/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sutandojs%2Fkeeper/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sutandojs%2Fkeeper/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sutandojs","download_url":"https://codeload.github.com/sutandojs/keeper/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sutandojs%2Fkeeper/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":269185744,"owners_count":24374629,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-06T02:00:09.910Z","response_time":99,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-08-07T01:42:01.341Z","updated_at":"2025-08-07T01:42:03.503Z","avatar_url":"https://github.com/sutandojs.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# @sutando/keeper\n\n\u003e 🛡️ A lightweight authentication \u0026 API token plugin for [Sutando ORM](https://sutando.org), inspired by Laravel Sanctum.\n\n**@sutando/keeper** provides sessionless, token-based authentication for modern applications including SPAs, mobile clients, and traditional backends.\n\n---\n\n## ✨ Features\n\n- 🔐 Personal access tokens scoped to users\n- ⚙️ Extensible and database-agnostic\n- 🧩 Compatible with any Sutando Model (e.g. `User`)\n\n---\n\n## 📦 Installation\n\n```bash\nnpm install @sutando/keeper\n```\n\nOr using pnpm:\n\n```bash\npnpm add @sutando/keeper\n```\n\nAuto create migration file and run migration\n\n```bash\nsutando migrate:publish @sutando/keeper\nsutando migrate:run\n```\n\n\u003cdetails\u003e\n\u003csummary\u003eAlternatively, you can create the token table manually\u003c/summary\u003e\n\n```js\nawait sutando.connection().schema.createTable('personal_access_tokens', (table) =\u003e {\n  table.increments('id');\n  table.string('tokenable_type').index();\n  table.integer('tokenable_id').index();\n  table.string('name');\n  table.string('token', 64).unique();\n  table.string('abilities').nullable();\n  table.datetime('last_used_at').nullable();\n  table.datetime('expires_at').nullable();\n  table.timestamps();\n\n  table.index(['tokenable_type', 'tokenable_id'], 'tokenable_index');\n});\n```\n\u003c/details\u003e\n\n---\n\n## 🔐 Usage\n\n### Setup\n\n```ts\nimport { HasApiTokens, PersonalAccessToken } from '@sutando/keeper'\nimport { sutando, Model } from 'sutando'\n\nclass User extends HasApiTokens()(Model) {\n  // your model definition\n}\n```\n\n### Issue Token\n\n```ts\nconst user = await User.query().find(1);\nconst token = await user.createToken('mobile-app');\n\n// Issue token with abilities\nconst token = await user.createToken('admin', ['read', 'write']);\n\n// Issue token with expiration date\nconst token = await user.createToken(\n  'mobile-app', ['read', 'write'], new Date(Date.now() + 7 * 86400000);\n);\n```\n\n### Validate Token\n\n```ts\nconst user = await User.findByToken(tokenString);\n\nif (user.tokenCan('read')) {\n  // Access granted\n}\n```\n\n### Revoking Tokens\n\n```ts\n// Revoke all tokens...\nawait user.tokens().delete();\n\n// Revoke the token that was used to authenticate the current request...\nawait user.currentAccessToken().delete();\n\n// Revoke a specific token...\nawait user.tokens().where('id', tokenId).delete();\n```\n\n---\n\n## 🧪 Example with Hono\n\n```ts\nimport User from './models/user'\nimport { bearerAuth } from 'hono/bearer-auth'\n\nconst auth = (ability?: string) =\u003e\n  bearerAuth({\n    verifyToken: async (token, c) =\u003e {\n      const user = await User.findByToken(token)\n      if (!user || (ability \u0026\u0026 user.tokenCant(ability))) {\n        return false\n      }\n      c.set('user', user)\n      return true\n    },\n  })\n\napp.post('/tokens/create', async (c) =\u003e {\n  const user = await User.query().find(1)\n  const token = await user.createToken('mobile-app')\n  return c.json({ token: token.plainTextToken })\n})\n\napp.get('/api/user', auth(), async (c) =\u003e {\n  const user = c.get('user')\n  return c.json(user)\n})\n\napp.get('/admin', auth('write'), handler)\n```\n\n---\n\n## 📌 API Reference\n\n### `HasApiTokens(options)`\n\n- `accessTokenModel`: Model used for token storage (optional, default: `PersonalAccessToken`)\n- `token_prefix`: Prefix for token string (optional, default: `''`)\n- `type`: Token type (optional, default: Model name)\n- `separator`: Separator for returned token string (optional, default: `|`)\n\n### `PersonalAccessToken`\n\n- `personalAccessToken.findToken(token: string): Promise\u003cPersonalAccessToken | null\u003e`\n- `personalAccessToken.can(ability: string): boolean`\n- `personalAccessToken.cant(ability: string): boolean`\n\n### `NewAccessToken`\n\n- `newAccessToken.accessToken: PersonalAccessToken`\n- `newAccessToken.plainTextToken: string`\n\n### User Model Extensions\n\n- `createToken(name: string, abilities?: string[], expires_at?: Date | string): Promise\u003cNewAccessToken\u003e`\n- `findByToken(token: string, last_used_at?: Date | string): Promise\u003cUser | null\u003e`\n- `tokenCan(ability: string): boolean`\n- `tokenCant(ability: string): boolean`\n\n---\n\n## 🔐 Security Notes\n\nAll tokens are stored as **SHA-256 hashes**, ensuring they cannot be reverse-engineered if leaked.\n\n---\n\n## 📄 License\n\nMIT © Kidd Yu\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsutandojs%2Fkeeper","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsutandojs%2Fkeeper","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsutandojs%2Fkeeper/lists"}