README
api-secure
Server side router and client-side AJAX middleware for secure APIs
Architecture
TBD
Server route features
- Designed for Express
- Login route to return access/refresh tokens
- Refresh token route to acquire access token (http-only cookie)
- Middleware to check for valid access tokens and expose down chain
- Configurable data storage
- Rate limiter
- CSRF Support
Client side features
- Designed for Axios
- Configs for attaching tokens to requests
- Interceptors for automatic access token refresh before expiration response
- In-memory storage of u/p, refresh token, access token
- Configurable callback on u/p needed for new refresh token
- Logout method
- CSRF Support