Skip to content

ramya-Senthamaraikannan/auth0-node

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
index.js
index.js
 
 
package.json
package.json
 
 

Repository files navigation

API authentication using auth0 JSON WEB TOKENS

Installation

npm install auth0-node

Usage

Validating API tokens needs express-jwt and jwks-rsa to validate the API

const jwt = require('express-jwt')
const jwks = require('jwks-rsa');

process.env.AUDIENCE optional parameter takes clientId, for which the api to be validated

ex: vskjvjdb(clientId of a specific application)

process.env.DOMAIN parameter takes the domain name from the auth0

ex: https://xyz.com/

authentication.jwtCheck = (audience = null) => jwt({
    secret: jwks.expressJwtSecret({
        cache: true,
        rateLimit: true,
        jwksRequestsPerMinute: 15,
        jwksUri: `https://${process.env.DOMAIN}/.well-known/jwks.json`
    }),
    //AUDIENCE is the clientId of an application, provide this if you need an API to be validated specifically for a single client
    audience: audience ? process.env.AUDIENCE : null,
    issuer: `https://${process.env.DOMAIN}/`,
    algorithms: ['RS256']
});

Permission validation

Middleware function that takes apipermissions as input to check whether the user holds that api permissions

apiPermissions.filter(value => req.user.permissions.includes(value)).length

About

API authentication using auth0

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages