Passwordless-NeStore

This module provides token storage for Passwordless, a node.js module for express that allows website authentication without password using verification through email or other means. Visit the project's website https://passwordless.net for more details.

Tokens are stored in a NeDB database and are hashed and salted using bcrypt.

This modules was developped using passwordless-mongostore as an example.

Usage

First, install the module:

$ npm install passwordless-nestore --save

Afterwards, follow the guide for Passwordless. A typical implementation may look like this:

``javascript
var passwordless = require('passwordless');
var NeStore = require('passwordless-nestore');

var dbPath = './passwordless-tokenstore.db';
passwordless.init(new NeStore(dbPath));

passwordless.addDelivery(
function(tokenToSend, uidToSend, recipient, callback) {
// Send out a token
});

app.use(passwordless.sessionSupport());
app.use(passwordless.acceptToken());
`

Initialization

`javascript
new NeStore(path_to_db_file);
`
path_to_db_file: (string)* path to the DB file. See NeDB homepage for further details.

Example:
`javascript
var dbPath = './passwordless-tokenstore.db';
passwordless.init(new NeStore(dbPath));
`

Hash and salt

As the tokens are equivalent to passwords (even though they do have the security advantage of only being valid for a limited time) they have to be protected in the same way. passwordless-nestore uses bcrypt with automatically created random salts. To generate the salt 10 rounds are used.

Tests

$ npm test`

License

MIT License

Author

JeMaGa