Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/VirgilSecurity/demo-twilio-backend-nodejs
A sample backend that demonstrates how to generate a Virgil JWT and Twilio token used for authentication with the Virgil and Twilio services
https://github.com/VirgilSecurity/demo-twilio-backend-nodejs
chat crypto cryptography demo encryption end-to-end-encryption jwt messenger sample-backend secure-the-future secured-by-virgil twilio twilio-chat
Last synced: 2 months ago
JSON representation
A sample backend that demonstrates how to generate a Virgil JWT and Twilio token used for authentication with the Virgil and Twilio services
- Host: GitHub
- URL: https://github.com/VirgilSecurity/demo-twilio-backend-nodejs
- Owner: VirgilSecurity
- License: bsd-3-clause
- Created: 2015-12-01T13:23:53.000Z (about 9 years ago)
- Default Branch: master
- Last Pushed: 2022-12-30T19:57:53.000Z (almost 2 years ago)
- Last Synced: 2024-07-31T19:38:33.562Z (5 months ago)
- Topics: chat, crypto, cryptography, demo, encryption, end-to-end-encryption, jwt, messenger, sample-backend, secure-the-future, secured-by-virgil, twilio, twilio-chat
- Language: JavaScript
- Homepage: https://developer.virgilsecurity.com/docs/use-cases/v5/encrypted-communication-for-twilio
- Size: 6.03 MB
- Stars: 127
- Watchers: 31
- Forks: 21
- Open Issues: 10
-
Metadata Files:
- Readme: README.md
- License: LICENSE.md
Awesome Lists containing this project
README
# Twilio Sample Backend for Node.js
This repository contains a sample backend code that demonstrates how to combine Virgil and Twilio JWT generation, which are used for authentication with the Virgil and Twilio services.
> Do not use this authentication in production. Requests to a /virgil-jwt and /twilio-jwt endpoints must be allowed for authenticated users. Use your application authorization strategy.
## Prerequisites
- [NodeJS](https://nodejs.org) from 10 to 13
## Set up and run demo
### Clone
Clone the repository from GitHub.
```
$ git clone https://github.com/VirgilSecurity/twilio-sample-backend-nodejs.git
```### Get Virgil Credentials
If you don't have an account yet, [sign up for one](https://dashboard.virgilsecurity.com/signup) using your e-mail.
#### You can download a ready-to-use .env file
1. Navigate to the Virgil Dashboard -> Your Application -> E3Kit Section.
2. Generate `.env` in the **.env file** section.
3. Download the generated file, paste it into the project root folder and rename it to `.env`.#### Or you can add the parameters manually:
To generate a Virgil JWT the following values are required:
| Variable Name | Description |
|-----------------------------------|--------------------------------|
| APP_ID | ID of your Virgil Application. |
| APP_KEY | Private key of your App that is used to sign the JWTs. |
| APP_KEY_ID | ID of your App Key. A unique string value that identifies your account in the Virgil Cloud. |1. Copy and rename `.env.example` to `.env`.
2. Create Application in the Virgil Dashboard, copy its `APP_ID` to the `.env` file;
3. Create App Key and save its private key value to `APP_KEY` line in the `.env` file;
4. Copy ID of the created key to `APP_KEY_ID` line in the `.env` file;### Get Twilio Credentials
To generate a Twilio JWT the following values are required:
| Variable Name | Description |
|-----------------------------------|--------------------------------|
| TWILIO_ACCOUNT_SID | Your primary Twilio account identifier - [find this in the console here.](https://www.twilio.com/console) |
| TWILIO_API_KEY_SID | SID of Twilio Api Key. Used for authentication on Twilio services. Generated with TWILIO_API_SECRET|
| TWILIO_API_SECRET | Twilio API key secret: [generate one here](https://www.twilio.com/console/chat/runtime/api-keys) |
| TWILIO_SERVICE_SID | A service instance where all the data for our application is stored and scoped. [Generate one in the console here.](https://www.twilio.com/console/chat/dashboard) |Add this parameters to your `.env` file.
### Install Dependencies and Run the Server
```
$ npm install
$ npm run start
```
Now, use your client code to make a request to get a JWT from the sample backend that is working on http://localhost:3000.Along with the backend we provide a demonstration of a simple client chat interacting with Virgil API, which you can see if you navigate to http://localhost:3000 at your browser. The sample chat code is located in the the [`public`](https://github.com/VirgilSecurity/demo-twilio-backend-nodejs/tree/master/public) directory.
## Specification
### /authenticate endpoint
This endpoint is an example of users authentication. It takes user `identity` and responds with unique token.```http
POST https://localhost:3000/authenticate HTTP/1.1
Content-type: application/json;{
"identity": "string"
}Response:
{
"authToken": "string"
}
```### /virgil-jwt endpoint
This endpoint checks whether a request is authenticated by an authorization header. It takes user's `authToken`, finds related user identity and generates a `virgilToken` (which is [JSON Web Token](https://jwt.io/)) with this `identity` in a payload. Use this token to make authorized API calls to Virgil Cloud.```http
GET https://localhost:3000/virgil-jwt HTTP/1.1
Content-type: application/json;
Authorization: BearerResponse:
{
"virgilToken": "string"
}
```### /twilio-jwt endpoint
Same as Virgil token endpoint Twilio endpoint should be protected and responds with `twilioToken`.```http
GET https://localhost:3000/twilio-jwt HTTP/1.1
Content-type: application/json;
Authorization: BearerResponse:
{
"twilioToken": "string"
}
```## Virgil JWT Generation
To generate a Virgil JWT, you need to use the `JwtGenerator` class from the Virgil SDK.```js
const virgilCrypto = new VirgilCrypto();const generator = new JwtGenerator({
appId: process.env.APP_ID,
apiKeyId: process.env.API_KEY_ID,
apiKey: virgilCrypto.importPrivateKey(process.env.API_PRIVATE_KEY),
accessTokenSigner: new VirgilAccessTokenSigner(virgilCrypto)
});```
Then you need to provide an HTTP endpoint which will return the JWT with the user's identity as a JSON.
For more details take a look at the [virgilToken.js](api/virgilToken.js) file.
## License
This library is released under the [3-clause BSD License](LICENSE.md).
## Support
Our developer support team is here to help you. Find out more information on our [Help Center](https://help.virgilsecurity.com/).
You can find us on [Twitter](https://twitter.com/VirgilSecurity) or send us email [email protected].
Also, get extra help from our support team on [Slack](https://virgilsecurity.com/join-community).