polar-auth

standard auth helpers and middlware for polar

Usage no npm install needed!

<script type="module">
  import polarAuth from 'https://cdn.skypack.dev/polar-auth';
</script>

README

polar-auth

Config

  • jwt_secret (required): Secret key for JWT token encoding
  • id_key: Key for ID on User object (default "_id")
  • login_key: Key to check alongside password on User object (default "email")

Functions

  • getUser(user_query, cb) (required): Get a user with a query object e.g. {[login_key], password} or {[id_key]}
  • createUser(new_user, cb): Create a new user (for signup)
  • updateUser(user_id, user_update, cb): Update a user given an ID (for password reset)
  • sendEmail(email_name, email_params, cb): Send an email to a user, e.g. for resetting their password.

Usage

Instantiate by requiring polar-auth and passing a config object (or multiple config objects)

polar_auth = require 'polar-auth'
config.auth = {jwt_secret: "8s8dmfas8df..."}
auth = polar_auth config.auth, {getUser, createUser, updateUser, sendEmail}

The resulting auth object has a number of middleware and route functions:

  • auth.jwt_middleware: A middleware function that uses getUser to check if a user is logged in, assigning the result to res.locals.user.
  • auth.requireLogin: A middleware function that checks if res.locals.user is defined, and redirects to / otherwise.
  • auth.showLogin: A route function that shows the login page (which also contains signup, forgot, and reset views).
  • auth.doLogin: A route function that logs a user in.
  • auth.doSignup: A route function that signs a new user up.
  • auth.doForgot: A route function that sends a forgot password email.
  • auth.doReset: A route function that resets a user's password.
  • auth.doLogout: A route function that clears the user from the session and redirects to /.

Full Example

polar = require 'polar'
polar_auth = require 'polar-auth'
somata = require 'somata'
config = require './config'

client = new somata.Client
DataService = client.bindService 'myproject:data'

auth = polar_auth config.auth, {
    getUser: (user_query, cb) -> DataService.getUser user_query, cb
    id_key: 'id' # Using postgres instead of mongo
}

app = polar config.app,
    middleware: [auth.token_middleware]

app.get '/', auth.requireLogin, (req, res) ->
    res.render 'app'

# Using all the available routes
app.get '/login', auth.showLogin
app.post '/login.json', auth.doLogin
app.post '/signup.json', auth.doSignup
app.post '/forgot.json', auth.doForgot
app.post '/reset.json', auth.doReset
app.get '/logout', auth.doLogout