Gathering detailed insights and metrics for passport-strategy
Gathering detailed insights and metrics for passport-strategy
An abstract class implementing Passport's strategy API.
Installations
npm install passport-strategyReleases
Unable to fetch releases
Developer
jaredhanson
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
>= 0.4.0
Typescript Support
No
Node Version
NPM Version
1.2.25
Statistics
115 Stars
15 Commits
30 Forks
6 Watching
1 Branches
1 Contributors
Updated on 28 Oct 2024
Languages
Makefile (64.07%)
JavaScript (35.93%)
Total Downloads
Cumulative downloads
Total Downloads
456,028,539
Last day
-6.3%
511,349
Compared to previous day
Last week
1.9%
2,730,218
Compared to previous week
Last month
11.5%
11,338,425
Compared to previous month
Last year
19.4%
118,312,760
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Versions
passport-strategy
An abstract class implementing Passport's strategy API.
Install
$ npm install passport-strategy
Usage
This module exports an abstract Strategy class that is intended to be
subclassed when implementing concrete authentication strategies. Once
implemented, such strategies can be used by applications that utilize Passport
middleware for authentication.
Subclass Strategy
Create a new CustomStrategy constructor which inherits from Strategy:
1var util = require('util') 2 , Strategy = require('passport-strategy'); 3 4function CustomStrategy(...) { 5 Strategy.call(this); 6} 7 8util.inherits(CustomStrategy, Strategy);
Implement Authentication
Implement autheticate(), performing the necessary operations required by the
authentication scheme or protocol being implemented.
1CustomStrategy.prototype.authenticate = function(req, options) { 2 // TODO: authenticate request 3}
Augmented Methods
The Strategy.authenticate method is called on an instance of this Strategy that's augmented with the following action functions.
These action functions are bound via closure the the request/response pair.
The end goal of the strategy is to invoke one of these action methods, in
order to indicate successful or failed authentication, redirect to a
third-party identity provider, etc.
strategy.success(user, info)
Authenticate user, with optional info.
Strategies should call this function to successfully authenticate a
user. user should be an object supplied by the application after it
has been given an opportunity to verify credentials. info is an
optional argument containing additional user information. This is
useful for third-party authentication strategies to pass profile
details.
Kind: instance method of Strategy
Api: public
| Param | Type |
|---|---|
| user | Object |
| info | Object |
strategy.fail(challenge, status)
Fail authentication, with optional challenge and status, defaulting
to 401.
Strategies should call this function to fail an authentication attempt.
Kind: instance method of Strategy
Api: public
| Param | Type |
|---|---|
| challenge | String |
| status | Number |
strategy.redirect(url, status)
Redirect to url with optional status, defaulting to 302.
Strategies should call this function to redirect the user (via their user agent) to a third-party website for authentication.
Kind: instance method of Strategy
Api: public
| Param | Type |
|---|---|
| url | String |
| status | Number |
strategy.pass()
Pass without making a success or fail decision.
Under most circumstances, Strategies should not need to call this function. It exists primarily to allow previous authentication state to be restored, for example from an HTTP session.
Kind: instance method of Strategy
Api: public
strategy.error(err)
Internal error while performing authentication.
Strategies should call this function when an internal error occurs during the process of performing authentication; for example, if the user directory is not available.
Kind: instance method of Strategy
Api: public
| Param | Type |
|---|---|
| err | Error |
Related Modules
- chai-passport-strategy — helpers for testing strategies with the Chai assertion library
Tests
$ npm install
$ npm test
Credits
License
Copyright (c) 2011-2014 Jared Hanson <http://jaredhanson.net/>
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
Found 1/14 approved changesets -- score normalized to 0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 2 are checked with a SAST tool
Score
3
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More