Passwordless-MongoStore

This fork uses bcrypt.js instead of bcrypt for pure node implementations. The one below no longer is updated.

This module provides token storage for Passwordless, a node.js module for express that allows website authentication without password using verification through email or other means. Visit the project's website https://passwordless.net for more details.

Tokens are stored in a MongoDB database and are hashed and salted using bcrypt. If you have trouble installing bcrypt (esp. on Windows) you could also consider using the slower but pure-JS version of MongoStore.

Usage

First, install the module:

$ npm install passwordless-mongostore --save

Afterwards, follow the guide for Passwordless. A typical implementation may look like this:

``javascript var passwordless = require('passwordless'); var MongoStore = require('passwordless-mongostore');

var mongoURI = 'mongodb://localhost/passwordless-simple-mail'; passwordless.init(new MongoStore(mongoURI));

passwordless.addDelivery( function(tokenToSend, uidToSend, recipient, callback) { // Send out a token }); app.use(passwordless.sessionSupport()); app.use(passwordless.acceptToken());`

`Initialization`

`javascript new MongoStore(uri, [options]);`uri: (string)* MongoDB URI as further described in the MongoDB docs [options]: (object)* Optional. This can include MongoClient options as described in the docs and the ones described below combined in one object as shown in the example

Example:`javascript var mongoURI = 'mongodb://localhost/passwordless-simple-mail'; passwordless.init(new MongoStore(mongoURI, { server: { auto_reconnect: true }, mongostore: { collection: 'token' } }));`

`$3`


 [mongostore.collection]: (string)* Optional. Name of the collection to be used. Default: 'passwordless-token'
Hash and salt

As the tokens are equivalent to passwords (even though they do have the security advantage of only being valid for a limited time) they have to be protected in the same way. passwordless-mongostore uses bcrypt with automatically created random salts. To generate the salt 10 rounds are used.
Tests

$ npm test`

License

MIT License

Author

Florian Heinemann @thesumofall

Passwordless-MongoStore

This fork uses bcrypt.js instead of bcrypt for pure node implementations. The one below no longer is updated.

Usage

First, install the module:

$ npm install passwordless-mongostore --save

Afterwards, follow the guide for Passwordless. A typical implementation may look like this:

``javascript var passwordless = require('passwordless'); var MongoStore = require('passwordless-mongostore');

var mongoURI = 'mongodb://localhost/passwordless-simple-mail'; passwordless.init(new MongoStore(mongoURI));

passwordless.addDelivery( function(tokenToSend, uidToSend, recipient, callback) { // Send out a token }); app.use(passwordless.sessionSupport()); app.use(passwordless.acceptToken());`

`Initialization`

`$3`


 [mongostore.collection]: (string)* Optional. Name of the collection to be used. Default: 'passwordless-token'
Hash and salt

As the tokens are equivalent to passwords (even though they do have the security advantage of only being valid for a limited time) they have to be protected in the same way. passwordless-mongostore uses bcrypt with automatically created random salts. To generate the salt 10 rounds are used.
Tests

$ npm test`

License

MIT License

Author

Florian Heinemann @thesumofall

passwordless-mongostore-bcrypt-nodejs-updated

Passwordless-MongoStore

Usage

`Initialization`

`$3`

Hash and salt

Tests

License

Author

passwordless-mongostore-bcrypt-nodejs-updated

Passwordless-MongoStore

Usage

`Initialization`

`$3`

Hash and salt

Tests

License

Author