Skip to content

Latest commit

 

History

History
89 lines (65 loc) · 2.49 KB

README.md

File metadata and controls

89 lines (65 loc) · 2.49 KB

@winwin/koa-authentication

NPM version

Dead simple koa authentication middleware.

Why

For many time when I want to build a tiny site with authentication support, I have to config the whole passport.js thing:

It is a great lib for authentication, but not when the scenario is simple, especially for the tiny site that only need a very basic authentication. So I build my own lib, which can provide authentication in a few lines.

Install

pnpm install @winwin/koa-authentication
# use pnpm please.

Usage

// 1. create
import { createAuth } from '@winwin/koa-authentication'
export const auth = createAuth({
  sameSite: 'lax', // none, strict or lax (default)
  verify(username, password) {
    // return username === env.USERNAME && password === env.PASSWORD
    // if the authentication is valid return `true`, otherwise `false`
  },
  secret() {
    return env.SECRET
  },
})

// 2. mount login and info routes
app.use(auth.router.routes())

// 3. protect your routes
app.use(auth.auth)
// or
router.post('/some/protect/routes', auth.auth /* then your middleware */)

// 4. read user info
app.use((ctx) => {
  console.log(ctx.state.user.username)
})

Routes

  • /auth/login: POST with { username: "username", password: "password" } in body will set cookie to token.
  • /auth/info: POST will get { username: "username" } in body with status code 200 will automatically auth with token in cookie.

API

interface AuthOption {
  /**
   * Verify a basic auth
   * @returns is verified or not
   */
  verify(username: string, password: string): Promise<boolean> | boolean
  /**
   * Get jwt secret
   */
  secret(): string
}

More

The auth instance also provide three middleware to implement your own router:

  • auth.local: authenticate and set username to ctx.state.user.username.
  • auth.cookie: generate token with username from ctx.state.user.username, then set token to cookie.
  • auth.auth: verify token and set username to ctx.state.user.username.

Example

https://github.com/gethexon/hexon/

License

MIT