Skip to content
login and logout routes for lockit
JavaScript HTML Other
Find file
Latest commit a8f6939 Nov 2, 2015 @zemirco Merge pull request #11 from kulakowka/master
Update README.md
Failed to load latest commit information.
test
views use bootstrap responsive classes an set autocomplete to off May 27, 2014
.eslintrc
.gitignore
.npmignore
.travis.yml remove grunt from dev deps Jul 3, 2015
History.md fix #8 and add eslint Jul 23, 2015
Makefile update dependencies Jul 3, 2015
README.md Update README.md Nov 2, 2015
index.js
package.json 1.1.6 Jul 23, 2015

README.md

Lockit login

Build Status NPM version Dependency Status

Log in users to your Express app. The module is part of Lockit.

Installation

npm install lockit-login

var Login = require('lockit-login');
var utils = require('lockit-utils');
var config = require('./config.js');

var db = utils.getDatabase(config);
var adapter = require(db.adapter)(config);

var app = express();

// express settings
// ...
// sessions are required - either cookie or some sort of db
app.use(cookieParser());
app.use(cookieSession({
  secret: 'this is my super secret string'
}));

// create new Login instance
var login = new Login(config, adapter);

// use login.router with your app
app.use(login.router);

// listen to events [optional]
login.on('login', function(user, res, target) {
  res.send('Welcome ' + user.name);
})

Configuration

More about configuration at Lockit.

Features

  • two-factor authentication
  • track failed log in attempts
  • lock account after too many failed login attempts
  • track time and ip of log ins
  • redirect unauthorized users to /login and save requested url to session
  • input validation
  • allow login with username and/or email

Routes included

  • GET /login
  • POST /login
  • POST /login/two-factor
  • POST /logout

REST API

If you've set exports.rest in your config.js the module behaves as follows.

  • all routes have /rest prepended
  • GET /rest/login is next()ed and you can catch /login on the client
  • POST /rest/login stays the same but sends JSON
  • POST /rest/login/two-factor stays the same but sends JSON
  • POST /rest/logout sends JSON and you can catch /logout on the client

Test

make test

License

MIT

Something went wrong with that request. Please try again.