aluzed / node-redis-web-token

Redis Web Token with node
MIT License
0 stars 0 forks source link

Redis Web Token with Node

Why ?

In order to share our authentication between multiple instance and whatever technology you use, using RWT will bring some simplicity to all that stuff. By using third part component (redis), we'll be able to check token in each microservice.

  ----------       ----------------
  | redis  | <-----|  PHP worker  |
  ----------       ----------------
    ^   ^
    |   |        ---------------------
    |   ---------|  Node instance 1  |
    |            ---------------------
    |
    |            ---------------------
    -------------|  Node instance 2  |
                 ---------------------

Installation

npm i -S redis-web-token

Usage

const rwt = require('redis-web-token')({
  // Redis server configuration
  redis: {
    host: ...,
    port: ...,
    ...,
  },
  // Custom RWT configuration
  custom: {
    expire: ...,
    verifyExtendsToken: ...
  }
});

// Authenticate :
rwt.sign({ userKey1: val1, userKey2: val2, ... }, 'yourAppSecret', { expire: time in seconds }, (err, token) => {
  if(err)
    //Handle error

  // Handle succes with token variable
});

// Verify token :
rwt.verify(token, 'yourAppSecret', (err, user) => {
  if(err || !user)
    // Handle error

  // Handle success
});

// Destroy token :
rwt.verify(token, 'yourAppSecret', (err) => {
  if(err)
    // Handle error

  // Handle success
});

// Extend token life :
rwt.extend(token, 'yourAppSecret', (err) => {
  if(err)
    // Handle error

  // Handle success
});

RWT Parameters

When you require RWT, you should pass extra parameters to the function :

RWT Custom Parameters Options

Parameter Type Details
expire Number Set the token TTL in seconds
verifyExtendsToken Boolean Extend automatically the token life each time we check its validity 

Methods

sign

Generate the redis token.

Parameters

 verify

Check if hour token is alive an return the User object values we set at connection, if you edit user values during the session, those data may be outdated. You must call the sign method each time you update your user's values.

Parameters

 extend

Reset the TTL of our token with default expire value in our configuration.

Parameters

disconnect

To avoid process to stay alive before closing node instance. If you use disconnect method, any call to sign, verify or extend method will reconnect automatically.

No parameter

connect

If you want to handle when you want to connect to redis server.

No parameter


Example

Node.js

See sample at : https://github.com/aluzed/node-redis-web-token-sample