login and logout routes for lockit
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
test
views
.eslintrc
.gitignore
.npmignore
.travis.yml
History.md
Makefile
README.md
index.js
package.json

README.md

Lockit login

Build Status NPM version Dependency Status

Log in users to your Express app. The module is part of Lockit.

Installation

npm install lockit-login

var Login = require('lockit-login');
var utils = require('lockit-utils');
var config = require('./config.js');

var db = utils.getDatabase(config);
var adapter = require(db.adapter)(config);

var app = express();

// express settings
// ...
// sessions are required - either cookie or some sort of db
app.use(cookieParser());
app.use(cookieSession({
  secret: 'this is my super secret string'
}));

// create new Login instance
var login = new Login(config, adapter);

// use login.router with your app
app.use(login.router);

// listen to events [optional]
login.on('login', function(user, res, target) {
  res.send('Welcome ' + user.name);
})

Configuration

More about configuration at Lockit.

Features

  • two-factor authentication
  • track failed log in attempts
  • lock account after too many failed login attempts
  • track time and ip of log ins
  • redirect unauthorized users to /login and save requested url to session
  • input validation
  • allow login with username and/or email

Routes included

  • GET /login
  • POST /login
  • POST /login/two-factor
  • POST /logout

REST API

If you've set exports.rest in your config.js the module behaves as follows.

  • all routes have /rest prepended
  • GET /rest/login is next()ed and you can catch /login on the client
  • POST /rest/login stays the same but sends JSON
  • POST /rest/login/two-factor stays the same but sends JSON
  • POST /rest/logout sends JSON and you can catch /logout on the client

Test

make test

License

MIT