Skip to content

mcollina/fastify-auth-mongo-jwt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

index.js

index.js

 
 

package.json

package.json

 
 

routes.js

routes.js

 
 

test.js

test.js

 
 

Repository files navigation

fastify-auth-mongo-jwt

Sample user-management (signup, login) with Fastify and JWT, on top of MongoDB.

This plugin sends credentials in plain text, and it implies that HTTPS is used to protect the application.

Install

npm i @matteo.collina/fastify-auth-mongo-jwt

Usage

'use strict'

const Fastify = require('fastify')
const AuthMongoJwt = require('@matteo.collina/fastify-auth-mongo-jwt')

const app = Fastify()

app.register(AuthMongoJwt, {
  auth: {
    secret: 'thisisalongsecretjustfortests'
  },
  mongodb: {
    url: 'mongodb://mongo/mydb',
    w: 1,
    useNewUrlParser: true
  }
})

app.register(async function (app, opts) {
  app.addHook('preHandler', function (req, reply) {
    return req.jwtVerify()
  })

  app.get('/username', async function (req, reply) {
    return req.user.username
  })
}, { prefix: '/protected' })

REST routes

This fastify plugin offers the following routes.

POST /signup

Accepts the following body:

{
  "username": 'a unique thing',
  "password": 'a long password'
}

It will return a JWT token, encapsulated with an object:

{
  "status": 'ok',
  "token": 'a jwt token'
}

GET /me

Requires the Authorization: Bearer TOKEN header. Returns the current user if the token is valid

{
  "username": 'a unique thing'
}

POST LOGIN

Accepts the following body:

{
  "username": 'a unique thing',
  "password": 'a long password'
}

It will return a JWT token, encapsulated with an object:

{
  "status": 'ok',
  "token": 'a jwt token'
}

API

It adds the same decorators of fastify-jwt.

createUser(app, { username, password })

Utility function to help writing unit tests against this module. It returns a JWT token for the given user and an inject function to call HTTP endpoint with that token.

Example:

const Fastify = require('fastify')
const AuthMongoJwt = require('@matteo.collina/fastify-auth-mongo-jwt')
const { createUser } = AuthMongoJwt

async function run () {
  const app = Fastify({
    logger: {
      level: 'error'
    }
  })

  app.register(AuthMongoJwt, {
    auth: {
      secret: 'thisisalongsecretjustfortests'
    },
    mongodb: {
      url: 'mongodb://mongo/mydb',
      w: 1,
      useNewUrlParser: true
    }
  })

  app.register(async function (app, opts) {
    app.addHook('preValidation', function (req, reply) {
      return req.jwtVerify()
    })

    app.get('/username', async function (req, reply) {
      return req.user.username
    })
  }, { prefix: '/protected' })

  const {
    token, // this is the JWT token
    inject // utility function to inject with that token
  } = await createUser(app)

  const res = await inject({
    url: '/username',
    method: 'GET'
  })

  console.log(JSON.parse(res.body))
}

run()

License

MIT

About

Sample user-management (signup, login) with Fastify and JWT

Resources

Readme

License

MIT license
Activity

Stars

19 stars

Watchers

3 watching

Forks

5 forks
Report repository

Releases

No releases published

Sponsor this project

 
Learn more about GitHub Sponsors

Packages

No packages published

Contributors 2

  •  
  •  

Languages