Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/michielvdvelde/koa-easy-auth

Easy and simple authentication for Koa
https://github.com/michielvdvelde/koa-easy-auth

authentication authorization koa koajs

Last synced: 25 days ago
JSON representation

Easy and simple authentication for Koa

Host: GitHub
URL: https://github.com/michielvdvelde/koa-easy-auth
Owner: MichielvdVelde
License: mit
Created: 2020-03-03T21:06:58.000Z (almost 5 years ago)
Default Branch: master
Last Pushed: 2020-03-11T21:20:27.000Z (almost 5 years ago)
Last Synced: 2024-12-14T16:47:32.131Z (about 2 months ago)
Topics: authentication, authorization, koa, koajs
Language: TypeScript
Homepage: https://github.com/MichielvdVelde/koa-easy-auth
Size: 31.3 KB
Stars: 0
Watchers: 2
Forks: 0
Open Issues: 2
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # koa-easy-auth

Easy and simple authentication for [Koa](https://github.com/koajs/koa).

* Uses the `Authorization` header

* Supports multiple authorization type strategies

Extracted from a personal project in which I required simple, no-nonsense

authentication with support for multiple authorization types.

[Koa](https://koajs.com/) is marked as a peer dependency; you'll need to install Koa yourself.

## Install

Versions `0.x.x` are considered unstable and may have breaking changes (i.e. does

not follow semver). When ready, version 1 will be the first stable release and

will follow semver from then on.

```

npm i koa-easy-auth

```

## Example

See the source code for more specifics.

```ts

import Koa from 'koa'

import Authentication from 'koa-simple-auth'

import createError from 'http-errors'

import basicAuth from 'basic-auth'

// optional state interface/type

interface State {

  user: string

}

const app = new Koa()

const auth = new Authentication()

// Add a strategy for the `Basic` authorization type

// NOTE: strategies are NOT middleware, a new strategy for the same type

// will REPLACE the old strategy!

auth.use('Basic', async ctx => {

  const credentials = basicAuth(ctx.req)

  

  // usually we'd do some checking here to see

  // if the supplied user name and password are correct

  if (credentials.pass !== 'secret') {

    throw createError(401, 'Invalid password')

  }

  

  // now we can update the state

  ctx.state.user = credentials.user

  

  // optional strategy parameters, are exposed in the WWW-Authenticate header

}, { realm: 'my-realm', charset: 'UTF-8' })

// Add a second strategy

auth.use('Token', async ctx => {

  const token = ctx.req.headers.authorization.split(' ')[1]

  

  if (token !== 'token') {

    throw createError(401, 'Invalid token')

  }

  

  // get user name somehow

  ctx.state.user = 'me'

})

// add the middleware for the `Basic` strategy only

app.use(auth.middleware('Basic'))

app.use(async ctx => {

  const { state } = ctx

  const { user } = state

  

  ctx.body = `Hello, you are ${user}!`

})

app.listen(3000)

```

## License

Copyright 2020 Michiel van der Velde.

This software is licensed under [the MIT License](LICENSE).