Gathering detailed insights and metrics for balena-auth
Gathering detailed insights and metrics for balena-auth
Installations
npm install balena-authDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Min. Node Version
>=18.0.0
Node Version
18.19.1
NPM Version
10.2.4
Languages
2
TypeScript
JavaScript
TypeScript (97.01%)
JavaScript (2.99%)
Developer
balena-io-modules
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
Apache-2.0 License
4 Stars
88 Commits
1 Forks
2 Watchers
4 Branches
10 Contributors
Updated on Feb 21, 2023
Bundle Size
22.74 kB
Minified
6.78 kB
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
6.0.1
Package Id
balena-auth@6.0.1
Unpacked Size
43.38 kB
Size
10.26 kB
File Count
15
NPM Version
10.2.4
Node Version
18.19.1
Published on
Feb 23, 2024
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
4
Dev Dependencies
25
balena-auth
Join our online chat at 
Balena session authentication utilities
Role
The intention of this module is to provide low level access to how a balena authentication tokens are parsed and persisted.
THIS MODULE IS LOW LEVEL AND IS NOT MEANT TO BE USED BY END USERS DIRECTLY.
Unless you know what you're doing, use the balena SDK instead.
Installation
Install balena-auth by running:
1$ npm install --save balena-auth
Documentation
The module returns a class that you use to get an instance of the auth module.
It accepts the following params:
| Param | Type | Description |
|---|---|---|
| options | Object | options |
| [options.dataDirectory] | string | false | the directory to use for storage in Node.js or false to create an isolated in memory instance. Values other than false are ignored in the browser. |
| [options.tokenKey] | string | the key used to store the last token in the storage. token by default. |
Example
1import BalenaAuth from 'balena-auth';
2const auth = new BalenaAuth({
3 dataDirectory: '/opt/cache/balena',
4 tokenKey: 'token'
5});- auth
- ~setKey(key) ⇒
[ 'Promise' ].<void> - ~hasKey() ⇒
[ 'Promise' ].<Boolean> - ~removeKey() ⇒
Promise - ~getType() ⇒
[ 'Promise' ].<TokenType> - ~getKey() ⇒
[ 'Promise' ].<string> - ~getAge() ⇒
[ 'Promise' ].<(number|undefined)> - ~isExpired() ⇒
[ 'Promise' ].<boolean> - ~isValid() ⇒
[ 'Promise' ].<boolean> - ~get2FAStatus() ⇒
[ 'Promise' ].<('not_required'|'pending'|'passed')> - ~needs2FA() ⇒
[ 'Promise' ].<boolean>
- ~setKey(key) ⇒
auth~setKey(key) ⇒ [ 'Promise' ].<void>
Kind: inner method of auth
Summary: Set the key
Access: public
| Param | Type |
|---|---|
| key | String |
Example
1auth.setKey('...').then(() => { ... });
auth~hasKey() ⇒ [ 'Promise' ].<Boolean>
Kind: inner method of auth
Summary: Has a key
Returns: [ 'Promise' ].<Boolean> - has key
Access: public
Example
1auth.hasKey().then((hasKey) => { ... });
auth~removeKey() ⇒ Promise
This promise is not rejected if there was no key at the time of removal.
Kind: inner method of auth
Summary: Remove the key
Access: public
Example
1auth.removeKey();
auth~getType() ⇒ [ 'Promise' ].<TokenType>
Kind: inner method of auth
Summary: Gets the key type
Access: public
Example
1auth.getType().then((type) => { ... });
auth~getKey() ⇒ [ 'Promise' ].<string>
Kind: inner method of auth
Summary: Gets the key
Access: public
Example
1auth.getKey().then((key) => { ... });
auth~getAge() ⇒ [ 'Promise' ].<(number|undefined)>
Kind: inner method of auth
Summary: Gets the token age
Access: public
Example
1auth.getAge().then((age) => { ... });
auth~isExpired() ⇒ [ 'Promise' ].<boolean>
Kind: inner method of auth
Summary: Checks if token is expired
Access: public
Example
1auth.isExpired().then((expired) => { ... });
auth~isValid() ⇒ [ 'Promise' ].<boolean>
Kind: inner method of auth
Summary: Checks if token format is valid
Access: public
Example
1auth.isValid().then((valid) => { ... });
auth~get2FAStatus() ⇒ [ 'Promise' ].<('not_required'|'pending'|'passed')>
Kind: inner method of auth
Summary: Gets whether passing a 2FA challenge is pending, passed or not required.
Access: public
Example
1auth.get2FAStatus().then((get2FAStatus) => { ... });
auth~needs2FA() ⇒ [ 'Promise' ].<boolean>
Kind: inner method of auth
Summary: Checks whether passing 2FA is pending/needed
Access: public
Example
1auth.needs2FA().then((needs2FA) => { ... });
Support
If you're having any problem, please raise an issue on GitHub and the balena team will be happy to help.
Tests
Run the test suite by doing:
1$ npm test
Contribute
- Issue Tracker: github.com/balena-io-modules/balena-auth/issues
- Source Code: github.com/balena-io-modules/balena-auth
Before submitting a PR, please make sure that you include tests, and that tslint runs without any warning:
1$ npm run lint
License
The project is licensed under the Apache 2.0 license.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0
Reason
Found 1/16 approved changesets -- score normalized to 0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/flowzone.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: 'allow deletion' enabled on branch 'master'
- Warn: 'force pushes' enabled on branch 'master'
- Warn: 'branch protection settings apply to administrators' is disabled on branch 'master'
- Warn: 'stale review dismissal' is disabled on branch 'master'
- Warn: branch 'master' does not require approvers
- Warn: codeowners review is not required on branch 'master'
- Warn: 'last push approval' is disabled on branch 'master'
- Info: 'up-to-date branches' is required to merge on branch 'master'
- Info: status check found to merge onto on branch 'master'
- Info: PRs are required in order to make changes on branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 22 are checked with a SAST tool
Score
3.7
/10
Last Scanned on 2025-06-30
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More