TeraLogics/passport-auth-token

passport-auth-token

Passport strategy for authenticating with an authentication token.

This module lets you authenticate using a token in your Node.js applications. It is based on the passport-local module by Jared Hanson. By plugging into Passport, token authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.

Install

$ npm install passport-auth-token

Usage

Configure Strategy

The token authentication strategy authenticates users using a token. The strategy requires a verify callback, which accepts this credential and calls done, providing a user. Here is the pseudocode:

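// AccessToken and User stand for the application's own data models.
passport.use('authtoken', new AuthTokenStrategy(
  function(token, done) {
    // Look up the stored record for the presented token.
    AccessToken.findOne({
      id: token
    }, function(error, accessToken) {
      if (error) {
        // Lookup failure: report an error, not a failed login.
        return done(error);
      }

      if (accessToken) {
        // isValid is a placeholder for the application's own validity check.
        if (!token.isValid(accessToken)) {
          return done(null, false);
        }

        // Resolve the user the token was issued to.
        User.findOne({
          id: accessToken.userId
        }, function(error, user) {
          if (error) {
            return done(error);
          }

          if (!user) {
            return done(null, false);
          }

          return done(null, user);
        });
      } else {
        // Unknown token: fail authentication explicitly.
        return done(null, false);
      }
    });
  }
));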
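
The validity check that the pseudocode above leaves open, filled in as an added example that is not part of passport-auth-token or its README. The in-memory stores, the record fields (userId, expiresAt, revoked), the SHA-256-at-rest scheme and the names verifyToken, isValid and check are assumptions made for illustration.

```javascript
// Added example: a verify callback body with the token and user stores stubbed in memory.
const crypto = require('crypto');

// Store only a SHA-256 digest of each token, so a leaked token table cannot be replayed.
const sha256 = (s) => crypto.createHash('sha256').update(s, 'utf8').digest('hex');

// Constructed sample data (hypothetical schema: userId, expiresAt, revoked).
const NOW = Date.parse('2024-01-01T00:00:00Z');
const accessTokens = new Map([
  [sha256('good-token'),    { userId: 1, expiresAt: NOW + 3600e3, revoked: false }],
  [sha256('expired-token'), { userId: 1, expiresAt: NOW - 1,      revoked: false }],
  [sha256('revoked-token'), { userId: 1, expiresAt: NOW + 3600e3, revoked: true }],
  [sha256('orphan-token'),  { userId: 9, expiresAt: NOW + 3600e3, revoked: false }],
]);
const users = new Map([[1, { id: 1, name: 'alice' }]]);

// One possible validity check: not revoked and not yet expired.
function isValid(record, now) {
  return !record.revoked && record.expiresAt > now;
}

// Same (token, done) shape as the verify callback above.
// `now` is an extra parameter added here so the expiry check can be exercised.
function verifyToken(token, done, now = Date.now()) {
  if (typeof token !== 'string' || token.length === 0) {
    return done(null, false);
  }
  // Look up by digest; the raw token is never stored or compared directly.
  const record = accessTokens.get(sha256(token));
  if (!record || !isValid(record, now)) {
    return done(null, false); // unknown, expired or revoked: a failed login, not an error
  }
  const user = users.get(record.userId);
  return done(null, user || false); // a token whose user no longer exists is rejected
}

// Runs the callback synchronously and returns the user object, false, or 'error'.
function check(token, now = NOW) {
  let out;
  verifyToken(token, (err, user) => { out = err ? 'error' : user; }, now);
  return out;
}
```

With real models the lookups are asynchronous, and a store failure should still be passed as done(error) so it is not mistaken for a rejected token.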

Authenticate Requests

Use passport.authenticate(), specifying the 'authtoken' strategy, to authenticate requests.

For example, as route middleware in an Express application:

app.post('/login',
  passport.authenticate(
    'authtoken',
    {
      session: false,
      optional: false
    }
  ),
  function(req, res) {
    res.redirect('/');
  }
);

You can also set the optional parameter to true, so the same route can serve both authenticated and unauthenticated requests.

Configuration Options

tokenFields Array

An array of field names where the token is found, defaults to [token]

headerFields Array

An array of header field names where the token is found, defaults to []

passReqToCallback Boolean

When true, req is the first argument to the verify callback (default: false)

params Boolean

When true, the request params are also included in the lookup

optional Boolean

When true, the token is optional and the strategy doesn't return an error

caseInsensitive Boolean

When true, the token check is case insensitive

Tests

$ npm install
$ npm test

Credits

License

The MIT License

Copyright (c) 2014 Mike Bell