AuthFunctions Express - JavaScript

AuthFunctions Express is a middleware for Node.js and Express, providing a simple and lightweight way to implement user authentication and authorization in your web applications.

Features

• Customizable authentication and authorization middleware
• Multiple authentication strategies, including username/password and OAuth2
• Role-based access control
• Token-based authentication for RESTful APIs
• Straightforward integration with Express.js

Installation

You can install AuthFunctions Express using NPM:

npm install authfunctions-express

Usage

First, require the module and configure it to use a desired authentication strategy:

const authFunctions = require('authfunctions-express');

authFunctions.configure({
  strategy: 'local',
  verify: (username, password, done) => {
    // Your authentication logic here
  },
});

After configuring, you can use the provided middleware in your Express routes by calling authFunctions.authenticate():

app.get('/protected', authFunctions.authenticate(), (req, res) => {
  res.send('Hello, authenticated user!');
});

This middleware will check if the user is authenticated before allowing access to the route.

You can also use authFunctions.authorize(role) to restrict access to certain user roles:

app.get('/admin', authFunctions.authenticate(), authFunctions.authorize('admin'), (req, res) => {
  res.send('Hello, admin!');
});

Examples

Token-based authentication for RESTful APIs

const authFunctions = require('authfunctions-express');
const jwt = require('jsonwebtoken');

authFunctions.configure({
  strategy: 'jwt',
  secret: 'my-secret-key',
  verify: (payload, done) => {
    // Your authentication logic here
  },
});

app.post('/login', (req, res) => {
  // Authenticate user and generate token
  const token = jwt.sign({ userId: user.id }, 'my-secret-key');
  res.json({ token });
});

app.get('/protected', authFunctions.authenticate('jwt'), (req, res) => {
  res.send('Hello, authenticated user!');
});

OAuth2 authentication with Passport.js

const authFunctions = require('authfunctions-express');
const passport = require('passport');
const GoogleStrategy = require('passport-google-oauth').OAuth2Strategy;

authFunctions.configure({
  strategy: 'oauth2',
  provider: 'google',
  clientID: 'your-client-id',
  clientSecret: 'your-client-secret',
  callbackURL: 'https://your-app.com/auth/google/callback',
  verify: (accessToken, refreshToken, profile, done) => {
    // Your authentication logic here
  },
});

// Set up passport
passport.use(new GoogleStrategy({
  clientID: 'your-client-id',
  clientSecret: 'your-client-secret',
  callbackURL: 'https://your-app.com/auth/google/callback',
}, authFunctions.passportCallback('oauth2', 'google')));

// Handle authentication flow
app.get('/auth/google', passport.authenticate('google', { scope: ['profile', 'email'] }));
app.get('/auth/google/callback', passport.authenticate('google', { failureRedirect: '/login' }), (req, res) => {
  res.redirect('/');
});

// Protected route
app.get('/protected', authFunctions.authenticate('oauth2'), (req, res) => {
  res.send('Hello, authenticated user!');
});

License

This module is licensed under the MIT License. See LICENSE for details.