Gathering detailed insights and metrics for passport-paseto
Gathering detailed insights and metrics for passport-paseto
Installations
npm install passport-pasetoDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Min. Node Version
>= 16.0.0
Node Version
20.4.0
NPM Version
9.7.2
Releases
Unable to fetch releases
Languages
2
JavaScript
TypeScript
JavaScript (52%)
TypeScript (48%)
Developer
indiebase
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
2 Stars
26 Commits
1 Branches
1 Contributors
Updated on Sep 08, 2024
Maintainers
1
Package Meta Information
Latest Version
0.1.0-alpha.2
Package Id
passport-paseto@0.1.0-alpha.2
Unpacked Size
44.71 kB
Size
13.53 kB
File Count
20
NPM Version
9.7.2
Node Version
20.4.0
Published on
Nov 20, 2023
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Install
1npm i passport-paseto
Usage
LocalPasetoStrategy (symmetric key)
1const app = fastify(); 2// Must have due to @fastify/passport depends on @fastify/flash 3app.register(fastifySession, { 4 secret: "secret with minimum length of 32 characters", 5}); 6app.register(fastifyPassport.initialize()); 7 8const key = await V3.generateKey("local"); 9const token = await V3.encrypt( 10 { 11 username: "test", 12 }, 13 key, 14 { 15 expiresIn: "99999999s", 16 } 17); 18 19fastifyPassport.use( 20 "local-paseto", 21 new LocalPasetoStrategy( 22 { 23 getToken: fromAuthBearer(), 24 key, 25 version: "V3", 26 }, 27 (payload, done) => { 28 done(null, { username: "username_test" }); 29 } 30 ) 31); 32 33app.get( 34 "/test/bearer", 35 { 36 preValidation: fastifyPassport.authenticate("local-paseto", { 37 authInfo: false, 38 session: false, 39 }), 40 }, 41 async function (req, reply) { 42 reply.send(); 43 } 44); 45 46app.listen();
LocalPasetoStrategy(options: LocalPasetoStrategyOptions, verify);
LocalPasetoStrategyOptions:
key:<KeyObject>The secret key to decrypt with. Alternatively a'k3.local.[data]'PASERK string or any input that works forcrypto.createSecretKey().passReqToCallback:<boolean>defaultfalse.getToken:<Function>(...args) => (req) => stringfromHeader: extract token from header defaultX-Paseto-Token.fromAuthBearer: extract token from Authorization Bearer.fromAuthScheme: extract token from Authorization, e.g. Basic, Digest ...fromBody: extract token from request body.fromQuery: extract token from request query.
- version:
V1|V3 consumeOptions:<Object>assertion:<string>|<Buffer>PASETO Implicit Assertionaudience:<string>Expected audience value. An exact match must be found in the payload.clockTolerance:<string>Clock Tolerance for comparing timestamps, provided as timespan string e.g.120s,2 minutes, etc. Default: no clock tolerancecomplete:<Boolean>When false only the parsed payload is returned, otherwise an object with a parsed payload and footer (as a Buffer) will be returned. Default: 'false'ignoreExp:<Boolean>When true will not be validating the "exp" claim value to be in the future from now. Default: 'false'ignoreIat:<Boolean>When true will not be validating the "iat" claim value to be in the past from now. Default: 'false'ignoreNbf:<Boolean>When true will not be validating the "nbf" claim value to be in the past from now. Default: 'false'issuer:<string>Expected issuer value. An exact match must be found in the payload.maxTokenAge:<string>When provided the payload is checked to have the "iat" claim and its value is validated not to be older than the provided timespan string e.g.30m,24 hours.now:<Date>Date object to be used instead of the current unix epoch timestamp. Default: 'new Date()'subject:<string>Expected subject value. An exact match must be found in the payload.
Verify callback ([req], payload, next) => void
PublicPasetoStrategy(options: PublicPasetoStrategyOptions, verify)
PublicPasetoStrategyOptions:
- version:
V1|V2|V3|V4
1const fastifyPassport = require("@fastify/passport"); 2const { LocalPasetoStrategy, fromAuthBearer } = require("passport-paseto"); 3const { V3 } = require("paseto"); 4 5const { secretKey, publicKey } = await V3.generateKey("public", { 6 format: "paserk", 7}); 8 9const token = await V3.sign( 10 { 11 username: "test", 12 }, 13 secretKey, 14 { 15 expiresIn: "99999999s", 16 } 17); 18 19fastifyPassport.use( 20 "public-paseto", 21 new PublicPasetoStrategy( 22 { 23 getToken: fromAuthBearer(), 24 publicKey, 25 version: "V3", //default V4 26 }, 27 (payload, done) => { 28 done(null, { username: "username_test" }); 29 } 30 ) 31); 32 33app.get( 34 "/test/bearer", 35 { 36 preValidation: fastifyPassport.authenticate("public-paseto", { 37 authInfo: false, 38 session: false, 39 }), 40 }, 41 async function (req, reply) { 42 reply.send(); 43 } 44);
Tests
1npm i 2npm test
Note Bene
Only test with Fastify.
No vulnerabilities found.
No security vulnerabilities found.