Options
All
  • Public
  • Public/Protected
  • All
Menu

@raincatcher/auth-passport

RainCatcher PassportAuth

The PassportAuth module is RainCatcher's implementation of PassportJS and is the default authentication and authorization module for RainCatcher. The PassportAuth module provides:

  • Creation and initialization of a Passport authentication service using Passport's local and JWT strategy
  • Protection of express routes from requests by user authentication and authorization
  • Usage of persistent login sessions using express-session

Quick Start

Setup

import { PassportAuth, UserRepository, UserService }  from '@raincatcher/auth-passport'

// Initialize user data repository, user service and passport
const userRepo: UserRepository = new YourUserRepository();
const userService: UserService = new YourUserService();
const authService: PassportAuth = new PassportAuth(userRepo, userService);
...
authService.init(router, sessionOptions);
  or
authService.init(router, undefined, secret);
...

In order to use cookie-based authentication, specify the sessionOptions.

  • For more information about the available express session options, see express-session.

When the sessionOptions is not passed, Passport will use token-based authentication using Passport's JWT strategy by default.

  • Ensure that a secret is defined to be used by Passport's JWT strategy.

Usage

Authentication

Using session based authentication

app.post('/cookie-login', authService.authenticate('local', options));

Using token based authentication

app.post('/token-login', authService.authenticateWithToken(secret, userService, userRepo));
  • This sends the signed token and user profile back to the client upon successful authentication.
  • The token's payload contains the user's username and is signed using the given secret.

Protecting Routes

app.get('/secureEndpoint', authService.protect('admin'), (req: express.Request, res: express.Response) => {
    res.json({routeName: '/secureEndpoint', msg: 'authenticated and authorized to access secure resource'});
});

JWT:

When using token based authentication, the JWT token needs to be included in each subsequent requests after a successful login as part of the Authorization header:

    Authorization: JWT JSON_WEB_TOKEN_STRING
  • For more information on Passport's JWT strategy, please see passport-jwt

Sample Implementation

See ./example for a sample implementation

Generated using TypeDoc