npmpackage.info

Gathering detailed insights and metrics for moh-auth-plus

moh-auth-plus - 1.0.0 | npmpackage.info

moh-auth-plus

The auth plus lib to make auth with role, oauth, custome auth easily and reuseable.

1.0.0

MIT

JavaScript

17.19 kB

1.7

Installations

npm install moh-auth-plus

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Node Version

8.9.0

NPM Version

5.6.0 Pull Requests

Open

0

Total

2

Closed

0

Merged

2

Issues

Open

0

Total

0

Closed

0

Releases

Unable to fetch releases

Languages

JavaScript

JavaScript (100%)

Developer

mohjs

Download Statistics

Total Downloads

Last Day

Last Week

Last Month

Last Year

GitHub Statistics

MIT License

10 Commits

2 Branches

1 Contributors

Updated on Feb 16, 2018

Maintainers

View All 1 Contributors

Package Meta Information

Latest Version

1.0.0

Package Id

moh-auth-plus@1.0.0

Unpacked Size

17.19 kB

Size

4.76 kB

File Count

NPM Version

5.6.0

Node Version

8.9.0

Total Downloads

Cumulative downloads

Total Downloads

NaN

Last Day

NaN

Compared to previous day

Last Week

NaN

Compared to previous week

Last Month

NaN

Compared to previous month

Last Year

NaN

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

bluebird moh-logger

Dev Dependencies

ava luxon moh-mongo-injector mongoose uuid

moh-auth-plus

The auth plus lib to make auth with role, oauth, custome auth easily and reuseable.

Usage

User should inject the following methhod to make functions works.

Init the AuthPlus with your own bussiness logic

1authPlus = AuthPlus({
2  tokenTTL: xxx,
3  basicAuth: (username, password) => {},
4  customLogin: (openId) => {},
5  fetchInfo: (user) => {},
6  createToken: (user, info) => {},
7  authByToken: (token) => {},
8  refreshToken: (refreshToken) => {},
9  revokeToken: (token) => {},
10  customRevokeToken: (username) => {}
11})

Call the authPlus to handle auth logic

const token = await authPlus.basicLogin('ole3021', 'test1234')

const token = await authPlus.customLogin('WeChatOpenId')

const token = await authPlus.authenticate(currentToken.accessToken)

const token = await authPlus.refreshToken('refreshToken')

const result = await authPlus.logout(currentToken.accessToken)

const result = await authPlus.forceLogout('ole3022')

Inject base methods

A1 basicAuth: return valied user with account and password info. (account, password) => Promise.resolve(user)
A2 customAuth: return valied user with customInfo. (customInfo) => Promise.resolve(user)
B fetchInfo: return other related info with user. *(user) => Promise.resolve(info)
C createdToken: return token with user and info. (user, *info) => token
D authByToken: return toekn withh accessToken. (accessToken) => token
E refreshhToken: return new token with refreshToken. (refreshToken) => token
F1 revokeToken: return boolean with accessToken. (accessToken) => boolean
F2 customRevokeToken: return boolean with userId. (info) => boolean (Use for scenario like admin cancel user access righ.)

Buildin helpers

encrypt: return encrypted password. (password, *salt) => encryptedPassword
isVerified: return is password matchh the encrypted password. (password, encryptedPassword) => boolean

Features

basicLogin: A1 -> *B -> C
customLogin: A2 -> *B -> C
auth: D
refreshhToken: E
logout: F1
forceLogout: F2

No vulnerabilities found.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Maintained

Determines if the project is "actively maintained".

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

68 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
Warn: Project is vulnerable to: GHSA-cwfw-4gq5-mrqx
Warn: Project is vulnerable to: GHSA-g95f-p29q-9xw4
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-8462-q7x7-g2x4
Warn: Project is vulnerable to: GHSA-4jwp-vfvf-657p
Warn: Project is vulnerable to: GHSA-v8w9-2789-6hhr
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-9vvw-cc9w-f27h
Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
Warn: Project is vulnerable to: GHSA-hr2v-3952-633q
Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm
Warn: Project is vulnerable to: GHSA-qrmc-fj45-qfc2
Warn: Project is vulnerable to: GHSA-8r6j-v8pm-fqw3
Warn: Project is vulnerable to: MAL-2023-462
Warn: Project is vulnerable to: GHSA-xf7w-r453-m56c
Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
Warn: Project is vulnerable to: GHSA-44pw-h2cw-w3vq
Warn: Project is vulnerable to: GHSA-jp4x-w63m-7wgm
Warn: Project is vulnerable to: GHSA-c429-5p7v-vgjp
Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
Warn: Project is vulnerable to: GHSA-p9w8-2mpq-49h9
Warn: Project is vulnerable to: GHSA-2pr6-76vf-7546
Warn: Project is vulnerable to: GHSA-8j8c-7jfh-h6hx
Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-fvqr-27wr-82fm
Warn: Project is vulnerable to: GHSA-4xc9-xhrj-v574
Warn: Project is vulnerable to: GHSA-x5rq-j2xg-h7qm
Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695
Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-2m96-9w4j-wgv7
Warn: Project is vulnerable to: GHSA-h726-x36v-rx45
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-mh5c-679w-hh4r
Warn: Project is vulnerable to: GHSA-8687-vv9j-hgph
Warn: Project is vulnerable to: GHSA-f825-f98c-gj3g
Warn: Project is vulnerable to: GHSA-h8hf-x3f4-xwgp
Warn: Project is vulnerable to: GHSA-9m93-w8w6-76hh
Warn: Project is vulnerable to: GHSA-m7xq-9374-9rvx
Warn: Project is vulnerable to: GHSA-vg7j-7cwx-8wgw
Warn: Project is vulnerable to: GHSA-h466-j336-74wx
Warn: Project is vulnerable to: GHSA-p92x-r36w-9395
Warn: Project is vulnerable to: GHSA-45q2-34rf-mr94
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-6g33-f262-xjp4
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-2m39-62fm-q8r3
Warn: Project is vulnerable to: GHSA-mf6x-7mm4-x2g7
Warn: Project is vulnerable to: GHSA-j44m-qm6p-hp7m
Warn: Project is vulnerable to: GHSA-3jfq-g458-7qm9
Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-g7q5-pjjr-gqvp
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
Warn: Project is vulnerable to: GHSA-38fc-wpqx-33j7

Score

1.7

/10

Last Scanned on 2025-07-07

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More