Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Utilities module for lockit
JavaScript Makefile
Branch: master
Failed to load latest commit information.
docs update docs
test update dependencies
.eslintrc use eslint
.gitignore fix .gitignore
.npmignore tell npm to ignore docs folder
.travis.yml update dependencies
History.md update changelog
Makefile use make instead grunt
README.md update dependencies
index.js update dependencies
package.json 0.5.3

README.md

Lockit utilities

Build Status NPM version

Small utilities module for lockit.

Installation

npm install lockit-utils

var utls = require('lockit-utils');

Configuration

// redirect target when requesting restricted page
exports.login = {
  route: '/login'
};

// database connection string
// CouchDB
exports.db = 'http://127.0.0.1:5984/';

// MongoDB
// exports.db = {
//   url: 'mongodb://127.0.0.1/',
//   name: 'test',
//   collection: 'users'
// };

// PostgreSQL
// exports.db = {
//   url: 'postgres://127.0.0.1:5432/',
//   name: 'users',
//   collection: 'my_user_table'
// };

// MySQL
// exports.db = {
//   url: 'mysql://127.0.0.1:3306/',
//   name: 'users',
//   collection: 'my_user_table'
// };

// SQLite
// exports.db = {
//   url: 'sqlite://',
//   name: ':memory:',
//   collection: 'my_user_table'
// };

Features

  • protect routes from unauthorized access and redirect
  • get database and lockit adapter from connection string
  • generate link to QR code image for two-factor auth
  • verify provided two-factor token
  • destroy a session (works with cookie sessions and session stores)

Methods

restrict([config])

Prevent users who aren't logged-in from accessing routes. Use login.route for redirection. Function also remembers the requested url and user is redirected after successful login. If rest is enabled you'll get a 401 response.

  • config Object optional - Configuration object

    • login String - Route that handles the login process - default '/login'

Example

config.js

exports.login = {
  route: '/login'
};

app.js

var config = require('./config.js');
app.get('/private', utils.restrict(config), function(req, res) {
  res.send('only a logged in user can see this');
})

getDatabase(config)

Get type of database and database adapter name from connection information.

  • config Object - Configuration object

    • db String, Object - Database connection string / object

Returns

  • Object - Object containing database type and adapter

Example

config.js (CouchDB)

exports.db = 'http://127.0.0.1:5984/';

config.js (all other DBs)

exports.db = {
  url: 'postgres://127.0.0.1:5432/',
  name: 'users',
  collection: 'my_user_table'
}

app.js

var config = require('./config.js');
var db = util.getDatabase(config);
// {
//   type: 'couchdb',
//   adapter: 'lockit-couchdb-adapter'
// }

qr(config)

Generate link to QR code, uses Google Charts.

  • config Object - Configuration object

    • key String - Individual random key for user

    • email String - User email for Google Authenticator app

    • issuer String - Issuer for Google Authenticator - default 'Lockit'

Returns

  • String - URL for QR code

Example

var config = {
  key: 'abcd1234',
  email: 'mirco.zeiss@gmail.com'
};
var link = util.qr(config);
// https://chart.googleapis.com/chart?chs=200x200&cht=qr&chl=otpauth%3A%2F%2Ftotp%2FLockit%3Amirco.zeiss%40gmail.com%3Fsecret%3DMFRGGZBRGI2DI%3D%3D%3D%26issuer%3DLockit

verify(token, key, [options])

Verify a two-factor authentication token, uses time-based one-time password algorithm (totp). To be used with Google Authenticator.

  • token String - The two-factor token to verify

  • key String - The individual key for the user

  • options Object optional - Options object for notp#totp.verify

    • window String - Allowable margin for counter - default 6

    • time Number - Time step of counter in seconds - default 30

Returns

  • Boolean - true if token is valid

Example

var key = 'abcd1234';
var token = '236709';
var valid = util.verify(token, key);
if (valid) {
  // continue here
}

destroy(req, done)

Destroy the current session. Works with cookie sessions and session stores.

  • req Object - The default Express request object

  • done function - Function executed when session is destroyed

Example

util.destroy(req, function() {
  // user is now logged out
});

pipe(source, target)

Pipe events from source to target. source can be a single event emitter or an Array of event emitters.

  • source Object, Array - Single event emitter or Array of event emitters

  • target Object - Single event emitter

Example

var util = require('util');
var events = require('events');
var utils = require('lockit-utils');

var Child = function() {};
util.inherits(Child, events.EventEmitter);

var Mother = function() {};
util.inherits(Mother, events.EventEmitter);

var child = new Child();
var mother = new Mother();

utils.pipe(child, mother);

mother.on('action', function(action) {
  console.log('look the child is ' + action);
});

child.emit('action', 'smiling');

Test

make test

License

MIT

Something went wrong with that request. Please try again.