Giter Site home page Giter Site logo

authenticare's Introduction

Authenticare

A JWT helper library for full-stack Node apps

You can find an example fullstack application in the example folder.

You can find the docs for the most important functions exported for both client-side and server-side use in the docs folder.

Version 0.4.9

  • Improved the error message coming from the client register and signIn functions
  • Example: added an error message to the Register and SignIn pages to show the improved error message
  • Docs: updated docs for register and signIn to illustrate how to use the error message

Version 0.4.8

  • Replaced libsodium-wrappers-sumo with libsodium
  • Removed nock as a devDependency
  • Updated all possible dependencies
  • Moved tests to same folder as code under test
  • Running tests require NodeJS version 14 or greater (due to use of the optional chaining operator ?)
  • Removed testing folder - I might bring it back later if I can get happy with it
  • Improved lint config and applied fixes throughout codebase (thanks @joshuavial)
  • Example: require username and password on sign-in and register forms
  • A LOT of code refactorings (mostly aesthetics)

Version 0.4.7

  • Updated dependencies
  • Added the ability to configure token expiration (thank you @nisidazza)
  • Removed the tutorial (too much to maintain) the example should suffice
  • Example: moved BASE_API_URL environment variable into a config file
  • Example: refactored tests

Version 0.4.6

  • Bug fix related to verifyEndpoint (thank you @joshuavial)
  • Updated dependencies to fix known security vulnerabilities

Version 0.4.5

  • Updated dependencies to fix known security vulnerabilities

Version 0.4.4

  • Added server/token/getTokenDecoder to replace server/token/decode to allow a route to succeed regardless if a token is provided or not. Currently decode will throw if a token is not found. decode is deprecated and will be removed in v0.5.0.
  • Updated the example an tutorial to reflect this change.
  • Updated dependencies to fix known security vulnerabilities.

Version 0.4.3

  • Updated dependencies to fix known security vulnerabilities

Version 0.4.2

  • Updated dependencies to fix known security vulnerabilities

Version 0.4.1

  • Prevent publishing the tutorial in the npm package

Version 0.4.0

Non-breaking changes

  • client/getDecodedToken was added
  • client/getAuthorizationHeader was added (getEncodedToken is still available, but less relevant now)
  • A tutorial was added (but it still needs more work)

Breaking changes

  • client/getAuthToken was function renamed to getDecodedToken to match getEncodedToken
  • The createUser function passed to server/applyAuthRoutes now takes a single user object parameter instead of username and password parameters

authenticare's People

Contributors

dependabot-preview[bot] avatar dependabot[bot] avatar don-smith avatar joshuavial avatar lache-melvin avatar nisidazza avatar rossjourdain avatar snyk-bot avatar

Stargazers

avatar avatar avatar

Watchers

avatar

Forkers

joshuavial kelly-keating nisidazza lache-melvin rossjourdain myexistance lucas-f0ster

authenticare's Issues

tests fail when run with node v12

It might be good to add a note to the readme that you need node v14 to run this - all the ?. syntax in client/request.js:22 was failing when running the tests under v12

change token duration

The underlined jsonwebtoken library supports token expiration date/time, I would like to add this feature also in authenticare.

Add password reset support

This will require asking for more information from the user, such as a question only they can answer. Their answer (and potentially the question) should be stored encrypted. Will also need their email address (or potentially, eventually SMS) to send them their password reset key.

This will also require creating password reset keys, which should also be stored encrypted and have an expiry.

Support 2FA

  • Find a library for adding Two-factor Authentication (2FA)
  • Implement it using the library

npm reports security vulnerabilities when installing 

╰─$ npm i
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected] (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

added 558 packages from 416 contributors and audited 876975 packages in 5.405s
found 4 vulnerabilities (1 moderate, 3 high)
  run `npm audit fix` to fix them, or `npm audit` for details

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.