Skip to content

coding-in-the-wild/just-login-core

Repository files navigation

just-login-core

Build Status

Handles tokens for just-login.

Example

var JustLoginCore = require('just-login-core')
var db = require('level')('./databases/core')
var core = JustLoginCore(db)

// From a form on the website:
// http://example.com/login?sessionId=abcdefab-abcd-abcd-abcdefabcdef&[email protected]
router.get('/login', function (req, res) {
	var query = url.parse(req.url, true).query

	var successHtml = '<p>U shud receiv email within few minutez...</p>'
	core.beginAuthentication(query.sessionId, query.email, sendResponse(res, successHtml))
})

// From the link in the email:
// http://example.com/authenticate?token=12345678-1234-1234-123456789012
router.get('/authenticate', function (req, res) {
	var query = url.parse(req.url, true).query

	core.authenticate(query.token, sendResponse(res, '<p>U r nao loggd in!!!</p>'))
})

function sendResponse(res, successHtml) {
	return function onRequest(err) {
		if (err) {
			res.writeHead(500, { 'Content-Type': 'text/plain' })
			res.end(err.message)
		} else {
			res.writeHead(200, { 'Content-Type': 'text/html' })
			res.end(successHtml)
		}
	}
}

API

var Core = require('just-login-core')

var core = JustLoginCore(db[, options])

  • db is expecting a levelup database.
  • options is an object that holds the (gasp) options!
    • tokenGenerator is expecting a function that returns an unique string each time it is called. This is used for token generation. Defaults to a UUID generator.
    • tokenTtl is a number in milliseconds of a token's Time To Live (TTL). Defaults to 5 minutes.
    • tokenTtlCheckIntervalMs is a number in milliseconds of the ttl's check interval. (See tiny-level-ttl, checkInterval.) Defaults to 10 seconds.
  • Returns core.

core

It emits some events and has a few methods:

core.beginAuthentication(sessionId, contactAddress[, cb])

Starts the authentication process by emitting the 'authentication initiated' event with a token and the contact address.

Something else must listen for the event, and send a message to the user. See core events for more information.

  • sessionId is a string of the session id that is trying to get authenticated.
  • contactAddress is string of the user's contact info, (usually an email address).
  • cb is a function with the following arguments:
    • err is an Error object or null.
    • authReqInfo is an object with the authentication request information (or null if an error occurred). The object is identical to the object emitted in the event, with the following properties:
      • contactAddress is a string with the contact address.
      • token is a string of the token.

Emits core.on('authentication initiated', function (authReqInfo) { ... })

core.beginAuthentication('session id', '[email protected]', function (err, authReqInfo) {
	if (!err) {
		console.log(authReqInfo.token) //logs the token
		console.log(authReqInfo.contactAddress) //logs: "[email protected]"
	}
})

core.authenticate(token[, cb])

Authenticates the token, and calls back with the session id and contact address associated with that token. Then the token and it's associated data is deleted. A token can only be authenticated once.

  • token is a string of the token that is trying to get authenticated.
  • cb is a function with the following arguments:
    • err is an Error object or null.
    • credentials is null is the user is not authenticated, and is an object if they are authenticated:
      • contactAddress is a string of their contact address.
      • sessionId is a string of their session id.

Emits core.on('authenticated', function (credentials) { ... })

core.authenticate('the token', function(err, credentials) {
	if (!err) {
		console.log(credentials.contactAddress + ' is now logged in! Congratulations!')
	} else {
		console.log('Sorry, for some reason you are not logged in.')
	}
})

core events

authentication initiated

Emitted when beginAuthentication() is called. (Which should be when the user clicks the "login" button.)

core.on('authentication initiated', function (authReqInfo) {
	console.log(authReqInfo.contactAddress)
	console.log(authReqInfo.token)
})

(You can use just-login-emailer to catch this event.)

authenticated

Emitted when core.authenticate() is successful.

core.on('authenticated', function (credentials) {
	console.log(credentials.contactAddress)
	console.log(credentials.sessionId)
})

Install

Install with npm:

npm install just-login-core

License

VOL