search

perfood / couch-auth

Powerful authentication for APIs and apps using CouchDB (or Cloudant) with Node >= 14
MIT License
68 stars 19 forks source link

Add catch clause #3

Closed mqtik closed 3 years ago

mqtik commented 4 years ago

Throws an error if (err) is not defined on catch

fynnlyte commented 4 years ago

Hi, are you sure that this change is required? In which environment are you getting an error? According to MDN („The exception identifier”) and my TypeScript linter a statement like this is perfectly valid of the error is just swallowed silently:

function isValidJSON(text) {
  try {
    JSON.parse(text);
    return true;
  } catch {
    return false;
  }
}

Something else: I've seen that you've been asking for a CouchDB Adapter of nextauth. I'm planning to adjust superlogin more to OWASP recommendations (see roadmap), mainly to prevent username/ email - guessing by adjusting registration / pw reset / email change, removing the validate-x routes and switching to uuids as identifiers. And instead of introducing lots of breaking changes into this repo, I might just write that adapter and move some core functionality of superlogin into a separate project. Do you have experience with nextauth and would you recommend that approach?

mqtik commented 3 years ago

I do have experience, however, I had to update to CouchDB 3.1 to support JWT tokens.

I think tokens are really important for native mobile & desktop apps. How does superlogin-next handles that?

fynnlyte commented 3 years ago

Currently I don't have any plans to support JWT auth in superlogin-next.