api-secure

Server side router and client-side AJAX middleware for secure APIs

Usage no npm install needed!

<script type="module">
  import apiSecure from 'https://cdn.skypack.dev/api-secure';
</script>

README

api-secure

Server side router and client-side AJAX middleware for secure APIs

Architecture

TBD

Server route features

  • Designed for Express
  • Login route to return access/refresh tokens
  • Refresh token route to acquire access token (http-only cookie)
  • Middleware to check for valid access tokens and expose down chain
  • Configurable data storage
  • Rate limiter
  • CSRF Support

Client side features

  • Designed for Axios
  • Configs for attaching tokens to requests
  • Interceptors for automatic access token refresh before expiration response
  • In-memory storage of u/p, refresh token, access token
  • Configurable callback on u/p needed for new refresh token
  • Logout method
  • CSRF Support