Easy authorization using passport.

Usage (no npm install needed):

<script type="module">
  import secretboyAuth from 'https://cdn.skypack.dev/@secretboy/auth';
</script>

A package for authentication using different services like local, google, facebook, linkedin, twitter, etc...


Install the package:

npm install --save @secretboy/auth

Then use like this:

// app initialization
const express = require('express')
const mongoose = require('mongoose')
const passport = require('passport')
const app = express()

// User's model (the schema must already be registered with mongoose)
const User = mongoose.model('User')

// require package
const auth = require('@secretboy/auth')

// set options
let options = {
  useLocalStrategy: true
}

// call authentication with passport, user model, express app and options.
auth.authentication(passport, User, app, options)

To authorize the routes, use following code:

const Router = require('express').Router
const router = new Router()

const auth = require('@secretboy/auth')

const authorize = auth.authorizeWithJwt

router.use('/user', authorize, (req, res) => {
  res.status(200).json({ message: 'If you are seeing this, you are an authorized user!' })
})


useLocalStrategy - Enables passport authentication using local strategy

  • Set to true to use the local strategy.
  • Requires following fields in User collection: hashed_password, salt, email.

enableSuperUser - Enables the super user feature. With this enabled, you can log in to all accounts using a single master password.

  • Set to true to enable super user functionality.
  • Works only with localStrategy.
  • Requires following env variables: MASTER_KEY_SALT, MASTER_KEY_HASH.

trackSuperUser - Track the super user logins.

  • Set to true to track the super user logins.
  • Saves each login made with the master password in a collection named sb_superUserTracker.

useJwtStrategy - Use authentication with a JWT token when using any of the other strategies.

  • Set to true to use JWT authentication.
  • Use with local strategy.
  • Requires following env variables: JWT_SECRET.
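
The checks a JWT-protected route depends on, as an added example that is not code from @secretboy/auth. The function names (signHs256, verifyHs256, requireJwt) are hypothetical, only Node's built-in crypto module is used, and the secret is assumed to be the value held in JWT_SECRET:

```javascript
// Added example, not the source of @secretboy/auth; function names are hypothetical.
const crypto = require('node:crypto')
const b64url = (value) => Buffer.from(value).toString('base64url')
const hmac = (data, secret) => crypto.createHmac('sha256', secret).update(data).digest()

// Issue an HS256 token (used here only to build constructed test input).
function signHs256 (payload, secret, ttlSeconds = 3600, now = Date.now()) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }))
  const exp = Math.floor(now / 1000) + ttlSeconds
  const body = b64url(JSON.stringify({ ...payload, exp }))
  return `${header}.${body}.${b64url(hmac(`${header}.${body}`, secret))}`
}

// Return the claims of a valid token; throw on anything else.
function verifyHs256 (token, secret, now = Date.now()) {
  const parts = String(token).split('.')
  if (parts.length !== 3) throw new Error('malformed token')
  const [header, body, sig] = parts
  const parse = (part) => {
    try { return JSON.parse(Buffer.from(part, 'base64url').toString('utf8')) || {} } catch { throw new Error('malformed token') }
  }
  // Pin the algorithm: the token's own header must not choose it ("none", RS256, ...).
  if (parse(header).alg !== 'HS256') throw new Error('unexpected alg')
  const expected = hmac(`${header}.${body}`, secret)
  const given = Buffer.from(sig, 'base64url')
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error('bad signature')
  }
  // Only read claims after the signature has been checked.
  const claims = parse(body)
  if (typeof claims.exp !== 'number' || claims.exp * 1000 <= now) throw new Error('expired')
  return claims
}

// Express-style middleware reading "Authorization: Bearer <token>".
function requireJwt (secret) {
  return (req, res, next) => {
    const match = /^Bearer (\S+)$/.exec(req.headers.authorization || '')
    try {
      if (!match) throw new Error('missing bearer token')
      req.user = verifyHs256(match[1], secret)
    } catch (err) {
      // One generic response so callers cannot tell which check failed.
      return res.status(401).json({ message: 'Unauthorized' })
    }
    return next()
  }
}
```

Mounted as router.use('/user', requireJwt(process.env.JWT_SECRET), handler), it rejects tokens that are unsigned, signed with another key, or expired before the handler runs.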

Currently available strategies

Local, JWT

Other helper methods available


  • Compares the hashed_password to the new password passed.
  • Parameters
    • password - password.
    • user - user object.
  • Returns Boolean.


  • Generates JWT signed token.
  • Parameters
    • payload - String|Object|Buffer value to add into token. defaults to empty json {}.
    • tokenValidTill - Validity of token. defaults to 14.
  • Returns
    • Token string.


  • Encrypts password.
  • Parameters
    • str - string to encrypt.
    • salt - salt key to use for encryption.
  • Returns
    • encrypted string if success.
    • blank string if error.


  • Check the validity of token.
  • Parameters
    • token - JWT token string
    • callback - (optional) callback function to get decoded token.
  • Returns
    • token - If callback not specified
    • callback function with err and decodedToken as parameters - If callback is specified.
      verifyToken(tokenStr, (err, decodedToken) => {})


  • Generate a random string to be used as salt.
  • Parameters: none
  • Returns
    • salt string.


  • Add more strategies to enable authentication from different services as well.
  • Add proper tests.